“any”: Specify “any” to denote the
value which is either zero or not zero.
“0”: Specify “0” to indicate that the TTL
filed in IPv4 header is 0.
“1”: If the value in TTL field is not 0,
use “1” to indicate that.
Specify IP fragment bit.
“any”: Specify “any” to denote the
value which is either 0 or not 0.
“0”: Specify “0” to indicate that the
fragment filed in IPv4 header is 0.
“1”: If the value in TTL field is not 0,
use “1” to indicate that.
Specify IP option bit.
“any”: Specify “any” to denote the
value which is either 0 or not 0.
“0”: Specify “0” to indicate that the
IPv4 is 5 bytes.
“1”: Specify “1” to indicate that the
IPv4 header is bigger than 5 bytes.
Switch(config-acl-RULE)#
frame-type tcp [dest_mac]
[source_port] [dest_port]
[source_ip] [ip_mask]
[dest_ip] [ip_mask] [ip_ttl]
[ip_fragment] [ip_option]
[tcp_fin] [tcp_syn] [tcp_rst]
[tcp_psh] [tcp_ack]
[tcp_urg]
Define destination MAC address type.
“any”: Specify “any” to apply ACL rule
to any destination MAC addresses.
“uc”: Specify “uc” to apply ACL rule to
unicast traffic.
“mc”: Specify “mc” to apply ACL rule
to multicast traffic.
“bc”: Specify “bc” to apply ACL rule to
broadcast traffic.
“any”: Specify “any” to filter frames
from any source ports.
“0-65535”: Specify a source port
between 0 and 65535.
“0-65535/0-65535”: Specify a range of
source ports. For example,
“1000/2000” means that port numbers
from 1000 to 200 are specified. The
starting source port number is100;
whereas, the ending source port
number is 2000.
To Next Page
Loading...
