User Manual UMN:CLI
V8102
253
label: Identifies an application.
precedence: Identifies a packet filter precedence level.
tos: Type of service (ToS) used to filter packets. (0-255:
actual value for ToS)
pkt-size: Identifies packet size.
gt: packet size less than or greater than specified val-
ue.
lt: packet size less than or greater than specified value.
(0-65535: packet size)
fragments: An ACL applies to the non-initial fragment of
packet.
log: logs the results.
interface: the name of the input or output interface.
To delete an existing access-list (ACL) to filter packets, use the following command.
no access-list zebos WORD {deny | permit}
Deletes an entry of the ZeBos extend-
ed ACL.
no access-list zebos WORD {deny | permit} {ip |
gre | igmp | pim | rsvp | ospf | vrrp | ipcomp |
any | <0-255>} {SOUR_ADDR |
SOUR_ADDR_RANGE | any} {DES_ADDR |
DES_ADDR_RANGE | any} {label <1-65535> |
precedence <0-7> | tos {<0-255> | range <0-
255> <0-255>} | pkt-size {lt <0-65535>| gt <0-
65535> | range <0-65535> <0-65535>} | frag-
ments | log | interface {in | out} [{tengiga-
bitethernet IFPORT | gpon IFPORT | chan-
nelgroup} IFPORT | vlan VLANID}]
7.18.9.1 Access List ZeBos for ICMP
To create an access-list (ACL) to filter packets specific to the ICMP protocol, use the fol-
lowing command.
access-list zebos WORD {deny
| permit} icmp {SOUR_ADDR |
SOUR_ADDR_RANGE | any}
{DES_ADDR |
DES_ADDR_RANGE | any}
Specifies a deny or permit statement of the Zebos ex-
tanded ACL to filter packets specific to the ICMP proto-
col.
WORD: access-list name
deny: specifies route to deny.
permit: Specified route to permit.
SOUR_ADDR: source IP address to match
(A.B.C.D/M)
SOUR_ADDR_RANGE: source IP address range to
match (A.B.C.D A.B.C.D)
DES_ADDR: destination IP address to match
(A.B.C.D/M)
DES_ADDR_RANGE: destination IP address range to
access-list zebos WORD {deny
| permit} icmp {SOUR_ADDR |
SOUR_ADDR_RANGE | any}
{DES_ADDR |
DES_ADDR_RANGE | any}
[{icmp-type ICMP-TYPE | label
<1-65535> | precedence <0-7> |
To Next Page
Loading...