MES1000, MES2000 Ethernet Switches 203
permit tcp
{any|source_prefix/length}
{any | source_port}
{ any|destination_prefix/length}
{any| destination_port}
[dscp dscp | precedence precedence]
[time-range time_name]
[match-all list_of_flags]
[offset-list offset_list_name]
Adds a permit filtration record for the TCP protocol. Packets which fulfil
the record's requirements will be processed by the switch.
permit udp
{any|source_prefix/length}
{any | source_port}
{ any|destination_prefix/length}
{any| destination_port}
[dscp dscp | precedence precedence]
[time-range time_name]
[offset-list offset_list_name]
Adds a permit filtration record for the UDP protocol. Packets which fulfil
the record's requirements will be processed by the switch.
deny protocol
{any|source_prefix/length}
{ any|destination_prefix/length}
[dscp dscp | precedence precedence]
[time-range time_name]
[disable-port|log-input]
[offset-list offset_list_name]
Adds a deny filtration record for a protocol. Packets which fulfil the
record's requirements will be blocked by the switch. If the disable-port
keyword is specified, the physical interface receiving the packet will be
disabled. If the log-input keyword is specified, the physical a message will
be sent to the system log.
deny icmp
{any|source_prefix/length}
{ any|destination_prefix/length}
{any|icmp_type}
{any|icmp_code}
[dscp dscp | precedence precedence]
[time-range time_name]
[disable-port|log-input]
[offset-list offset_list_name]
Adds a deny filtration record for the ICMP protocol. Packets which fulfil
the record's requirements will be blocked by the switch. If the disable-port
keyword is specified, the physical interface receiving the packet will be
disabled. If the log-input keyword is specified, the physical a message will
be sent to the system log.
deny tcp
{any|source_prefix/length}
{any | source_port}
{ any|destination_prefix/length}
{any| destination_port}
[dscp dscp | precedence precedence]
[match-all list_of_flags]
[time-range time_name]
[disable-port|log-input]
[offset-list offset_list_name]
Adds a deny filtration record for the TCP protocol. Packets which fulfil the
record's requirements will be blocked by the switch. If the disable-port
keyword is specified, the physical interface receiving the packet will be
disabled. If the log-input keyword is specified, the physical a message will
be sent to the system log.
deny udp
{any|source_prefix/length}
{any | source_port}
{ any|destination_prefix/length}
{any| destination_port}
[dscp dscp | precedence precedence]
[match-all list_of_flags]
[time-range time_name]
[disable-port|log-input]
[offset-list offset_list_name]
Adds a deny filtration record for the UDP protocol. Packets which fulfil the
record's requirements will be blocked by the switch. If the disable-port
keyword is specified, the physical interface receiving the packet will be
disabled. If the log-input keyword is specified, the physical a message will
be sent to the system log.
offset-list name { offset_base offset mask
value} …
Creates a user templates list with the name specified in the name field.
The name should contain from 1 to 32 characters.
One command may contain up to 4 templates having the following
parameters:
offset_base—basic offset. Possible values:
L3—beginning of the IPv4 header, L4—end of the IPv4 header.
offset—byte offset within a packet. Basic offset is considered as a
starting point.
To Next Page
Loading...
Need help?
General
