Security
7450 ESS System Management Guide Page 207
Context config>sys>sec>cpm>ip-filter>entry>match
Description This command specifies the TCP/UDP port to match the source port of the packet. Note that an entry
containing Layer 4 match criteria will not match non-initial (2nd, 3rd, etc) fragments of a fragmented
packet since only the first fragment contains the Layer 4 information.
Parameters src-port-number — The source port number to be used as a match criterion, expressed as a
decimal integer.
Values 0 — 65535
mask — Specifies the 16-bit mask to be applied when matching the source port.
Values 0 — 128
tcp-ack
Syntax tcp-ack {true | false}
no tcp-ack
Context config>sys>sec>cpm>ip-filter>entry>match
Description This command configures matching on the ACK bit being set or reset in the control bits of the TCP
header of an IP or IPv6 packet as an IP filter match criterion. Note that an entry containing Layer 4
match criteria will not match non-initial (2nd, 3rd, etc) fragments of a fragmented packet since only
the first fragment contains the Layer 4 information.
The no form of the command removes the criterion from the match entry.
Default No match criterion for the ACK bit
Parameters true — Specifies matching on IP or IPv6 packets that have the ACK bit set in the control bits of the
TCP header.
false — Specifies matching on IP or IPv6 packets that do not have the ACK bit set in the control bits
of the TCP header.
tcp-syn
Syntax tcp-syn {true | false}
no tcp-syn
Context config>sys>sec>cpm>ip-filter>entry>match
config>sys>sec>cpm>ipv6-filter>entry>match
Description This command configures matching on the SYN bit being set or reset in the control bits of the TCP
header of an IP or IPv6 packet as an IP filter match criterion. Note that an entry containing Layer 4
match criteria will not match non-initial (2nd, 3rd, etc) fragments of a fragmented packet since only
the first fragment contains the Layer 4 information.
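The match behaviour described in this section, modelled as an added example (not code from the 7450 ESS guide or the router itself): a source-port value with mask, the tcp-syn and tcp-ack criteria, and the rule that entries with Layer 4 criteria never match non-initial fragments. Assumptions: the mask is treated as a 16-bit bitmask ANDed with both the packet's port and the configured port, and the `Packet`, `MatchEntry` and `first_match` names and all sample packets are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Packet:
    """Constructed model of a parsed TCP/IP packet or fragment."""
    frag_offset: int = 0   # 0 = unfragmented or first fragment
    src_port: int = 0      # L4 fields are only meaningful when frag_offset == 0
    syn: bool = False
    ack: bool = False

@dataclass
class MatchEntry:
    """Hypothetical stand-in for one entry's match criteria; None = criterion absent."""
    src_port: Optional[int] = None
    src_mask: int = 0xFFFF
    tcp_syn: Optional[bool] = None
    tcp_ack: Optional[bool] = None

    def has_l4(self) -> bool:
        return any(c is not None for c in (self.src_port, self.tcp_syn, self.tcp_ack))

    def matches(self, pkt: Packet) -> bool:
        # Only the first fragment carries the TCP header, so an entry with
        # Layer 4 criteria can never match a later fragment.
        if self.has_l4() and pkt.frag_offset != 0:
            return False
        if self.src_port is not None and \
                (pkt.src_port & self.src_mask) != (self.src_port & self.src_mask):
            return False
        if self.tcp_syn is not None and pkt.syn != self.tcp_syn:
            return False
        if self.tcp_ack is not None and pkt.ack != self.tcp_ack:
            return False
        return True

def first_match(entries, pkt):
    """Index of the first entry that matches pkt, or None if it falls through."""
    return next((i for i, e in enumerate(entries) if e.matches(pkt)), None)

# Constructed sample: connection-opening segments (SYN set, ACK clear)
# from source ports 1024-2047 (value 1024, mask 0xFC00).
ENTRIES = [MatchEntry(src_port=1024, src_mask=0xFC00, tcp_syn=True, tcp_ack=False)]
SYN_FIRST = Packet(frag_offset=0, src_port=1500, syn=True, ack=False)
SYN_ACK = Packet(frag_offset=0, src_port=1500, syn=True, ack=True)
LOW_PORT = Packet(frag_offset=0, src_port=80, syn=True, ack=False)
LATER_FRAG = Packet(frag_offset=185)  # non-initial fragment, no TCP header
```

In this model a non-initial fragment falls through every entry that carries Layer 4 criteria, so its handling is decided only by entries without such criteria.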