MES53xx, MES33xx, MES23xx Ethernet Switch Series 177
The name of the user
templates list
Specify the user templates list that will be used to recognize
packets. Every ACL may have its own templates list.
The index indicates position of the rule in a list and its priority.
The lower the index, the higher the priority. Possible values
are from 1 to 2,147,483,647.
In order to select the complete range of parameters except dscp and ip-precedence, use
As soon as at least one entry has been added to the ACL, the last entry is set by default to
Table 5.205. Configuration commands for IP-based ACLs
permit protocol {any | source source_wildcard}
{any | destination destination_wildcard}
[dscp dscp | precedence precedence]
time_name] [ace-priority index]
Add a permit filtering entry for a protocol. The packets that meet the
entry's conditions will be processed by the switch.
permit ip {any | source_ip source_ip_wildcard}
{any | destination_ip destination_ip_wildcard}
[dscp dscp | precedence precedence]
range_name] [ace-priority index]
Add a permit filtering entry for the IP. The packets that meet the entry's
conditions will be processed by the switch.
permit icmp {any | source source_wildcard}
{any | destination destination_wildcard}
{any | icmp_type} {any | icmp_code}
[dscp dscp | ip-precedence precedence]
time_name] [ace-priority index]
[offset-list offset_list_name] [vlan vlan_id]
Add a permit filtering entry for the ICMP. The packets that meet the
entry's conditions will be processed by the switch.
permit igmp {any | source source_wildcard}
{any | destination destination_wildcard}
[igmp_type]
[dscp dscp | precedence precedence]
time_nameindex]
Add a permit filtering entry for the IGMP. The packets that meet the
entry's conditions will be processed by the switch.
permit tcp {any | source source_wildcard}
{any | source_port}
{any | destination destination_wildcard}
{any | destination_port}
[dscp dscp | precedence precedence]
list_of_flags] [time-range time_name]
index]
Add a permit filtering entry for the TCP. The packets that meet the entry's
conditions will be processed by the switch.
permit udp{any |source source_wildcard}
{any | source_port}
{any | destination destination_wildcard}
{any | destination_port}
[dscp dscp | precedence precedence]
time_name] [ace-priority index]
Add a permit filtering entry for the UDP. The packets that meet the
entry's conditions will be processed by the switch.
deny protocol {any | source source_wildcard}
{any | destination destination_wildcard}
[dscp dscp| precedence precedence
time_name] | [ace-
priority index]
Add a deny filtering entry for a protocol. The packets that meet the
entry's conditions will be blocked by the switch. If the disable-port
keyword is specified, the physical interface receiving the packet will be
disabled. If the log-input keyword is specified, a message will be sent to
the system log.
deny ip {any | source_ip source_ip_wildcard}
{any | destination_ip destination_ip_wildcard}
[dscp dscp | precedence precedence]
range_name]
| [ace-priority index]
Add a deny filtering entry for the IP. The packets that meet the entry's
conditions will be blocked by the switch. If the disable-port keyword is
specified, the physical interface receiving the packet will be disabled. If
the log-input keyword is specified, a message will be sent to the system
log.
deny icmp {any | source source_wildcard}
{any | destination destination_wildcard}
{any | icmp_type} {any | icmp_code}
[dscp dscp | precedence precedence]
time_name]
Add a deny filtering entry for the ICMP. The packets that meet the entry's
conditions will be blocked by the switch. If the disable-port keyword is
specified, the physical interface receiving the packet will be disabled. If
the log-input keyword is specified, a message will be sent to the system
log.
To Next Page
Loading...
Need help?
General
