icmp Enter the keyword icmp to configure an ICMP access list filter.
ip Enter the keyword ip to configure a generic IP access list. The
keyword
ip specifies that the access list permits all IP protocols.
tcp Enter the keyword tcp to configure a TCP access list filter.
udp Enter the keyword udp to configure a UDP access list filter.
source
Enter a IP address in dotted decimal format of the network from
which the packet was received.
mask
(OPTIONAL) Enter a network mask in /prefix format (/x) or A.B.C.D.
The mask, when specified in A.B.C.D format, may be either
contiguous or non-contiguous.
any Enter the keyword any to specify that all routes are subject to the
filter.
host
ip-address
Enter the keyword host and then enter the IP address to specify a
host IP address or hostname.
operator
(OPTIONAL) Enter one of the following logical operands:
• eq = equal to
• neq = not equal to
• gt = greater than
• lt = less than
• range = inclusive range of ports (you must specify two ports
for the port parameter.)
port port
(OPTIONAL) Enter the application layer port number. Enter two port
numbers if you are using the range logical operand. The range is 0 to
65535.
The following list includes some common TCP port numbers:
• 23 = Telnet
• 20 and 21 = FTP
• 25 = SMTP
• 169 = SNMP
destination
Enter the IP address of the network or host to which the packets are
sent.
message-type
(OPTIONAL) Enter an ICMP message type, either with the type (and
code, if necessary) numbers or with the name of the message type.
The range is 0 to 255 for ICMP type and 0 to 255 for ICMP code.
count (OPTIONAL) Enter the keyword count to count packets the filter
processes.
byte (OPTIONAL) Enter the keyword byte to count bytes the filter
processes.
log (OPTIONAL, E-Series only) Enter the keyword log to enter ACL
matches in the log. Supported on Jumbo-enabled line cards only.
260
To Next Page
Loading...
