Common Classifiers
OmniAccess 5740 Unified Services Gateway CLI Configuration Guide
Alcatel-Lucent
• The “from” keyword in TCP and UDP protocols refers to the source port.
• The keyword “type” is used to match protocol-specific traffic.
• Rules inside a match-list are not ordered; all rules have the same priority. The rule numbers are used only for reference.
• The ordering of keywords after the initial protocol and source/destination fields is not defined; they can appear in any order. Some keywords are mutually exclusive and/or dependent on other keywords, e.g. the service specification is only applicable to TCP or UDP packets, and is mutually exclusive with the fragment keyword.
• The AH and ESP keywords are used in the same way as the IP protocol keyword. They are usually applied in the security domain.
• The protocol keyword is used to assign a number to the protocol types in use. The protocol name to number mapping can be found at http://www.iana.org/assignments/protocol-numbers.
TO CONFIGURE A RULE
EXAMPLE
ALU(config-match-list-test)# 10 tcp host 1.1.1.1 host 1.1.1.2
The following examples illustrate these concepts:
Ex 1:
To classify traffic coming from network 192.168.10.0/24 and going to
192.168.11.0/24, the match-list would look as shown below.
ALU(config)# match-list m1
ALU(config-match-list-m1)# tcp prefix 192.168.10.0/24 prefix 192.168.11.0/24 service ssh
Command (in Match-list CM): [<1-1024>] [<protocol>] [<source>] [<destination>] [<fields to be matched>]
Description: This command is used to configure a rule for protocols like IP, TCP, UDP, etc.
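The constraints listed above (rule number range, service only with TCP or UDP, service and fragment mutually exclusive, keywords in any order) can be checked offline before a match-list is pushed to a device. The following is an added example, not part of the guide or of the product's CLI; the function names parse_rule and lint are hypothetical, and it parses only the address forms and keywords that appear on this page.

```python
import ipaddress
# Assumption: only "host A", "prefix A/B", "service NAME" and "fragment" are parsed.
SAMPLE = [
    "10 tcp host 1.1.1.1 host 1.1.1.2",                               # from the guide
    "tcp prefix 192.168.10.0/24 prefix 192.168.11.0/24 service ssh",  # from the guide
    "20 ip host 1.1.1.1 host 1.1.1.2 service ssh",             # constructed: invalid
    "30 tcp host 1.1.1.1 host 1.1.1.2 fragment service ssh",   # constructed: invalid
    "2000 tcp host 1.1.1.1 host 1.1.1.2",                      # constructed: invalid
]

def parse_rule(line):
    """Parse '[num] proto src dst [keywords]' into a dict; raise ValueError on a violation."""
    tok = line.split()
    rule = {"num": None, "service": None, "fragment": False}
    if tok and tok[0].isdigit():
        rule["num"] = int(tok.pop(0))
        if not 1 <= rule["num"] <= 1024:
            raise ValueError("rule number must be in 1-1024")
    if len(tok) < 5:
        raise ValueError("need protocol, source and destination")
    rule["proto"] = tok.pop(0).lower()
    for side in ("src", "dst"):
        kind, value = tok.pop(0), tok.pop(0)
        if kind not in ("host", "prefix"):
            raise ValueError(f"expected 'host' or 'prefix' for {side}")
        rule[side] = ipaddress.ip_network(value + "/32" if kind == "host" else value)
    while tok:  # keywords after the addresses may appear in any order
        kw = tok.pop(0)
        if kw == "fragment":
            rule["fragment"] = True
        elif kw == "service" and tok:
            rule["service"] = tok.pop(0)
        else:
            raise ValueError(f"unsupported keyword in this sketch: {kw}")
    if rule["service"] and rule["proto"] not in ("tcp", "udp"):
        raise ValueError("service applies only to TCP or UDP")
    if rule["service"] and rule["fragment"]:
        raise ValueError("service and fragment are mutually exclusive")
    return rule

def lint(lines):
    """Return (valid_rules, [(line, error), ...]) for a list of rule lines."""
    ok, bad = [], []
    for line in lines:
        try:
            ok.append(parse_rule(line))
        except ValueError as e:
            bad.append((line, str(e)))
    return ok, bad
```

Calling lint(SAMPLE) accepts the two rules taken from the guide and rejects the three constructed ones, each with the reason it violates.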