set policy rule
SecureStack B3 Configuration Guide 10-11
Defaults
None.
Mode
Switchcommand,read‐write.
Usage
Table 10‐3providesthesetpolicyruledatavaluesthatcanbeenteredforaparticularclassification
type,andthemaskbitsthatcanbeenteredforeachclassifierassociatedwiththatparameter.
ipdestsocket ClassifiesbasedondestinationIPaddresswithoptionalpost‐fixedport.
ipsourcesocket ClassifiesbasedonsourceIPaddress,with
optionalpost‐fixedport.
iptos ClassifiesbasedonTypeofServicefieldinIPpacket.
macdest ClassifiesbasedonMACdestinationaddress.
macsource ClassifiesbasedonMACsourceaddress.
tcpdestport ClassifiesbasedonTCPdestinationport.
tcpsourceport ClassifiesbasedonTCPsourceport.
udpdestport ClassifiesbasedonUDPdestinationport.
udpsourceport ClassifiesbasedonUDP
sourceport.
data Specifiesthecodeforapredefinedclassifier.Thisvalueisdependenton
theclassificationtypeentered.RefertoTable 10‐3forvalidvaluesfor
eachclassificationtype.
maskmask (Optional)Specifiesthenumberofsignificantbitstomatch,dependenton
thedatavalueentered.RefertoTable 10‐3for
validvaluesforeach
classificationtypeanddatavalue.
vlanvlan ClassifiestoaVLANID.
coscos SpecifiesthatthisrulewillclassifytoaClass‐of‐ServiceID.Validvalues
are0‐4095.Avalueof‐1indicatesthatnoCoSforwardingbehavior
modificationisdesired.(Notsupportedon
B3,C3,andG3.)
drop|forward Specifiesthatpacketswithinthisclassificationwillbedroppedor
forwarded.
Table 10-3 Valid Values for Policy Classification Rules
Classification Rule Parameter data value mask bits
ether Type field in Ethernet II packet:
1536 - 65535 or 0x600 - 0xFFFF
1- 16
ipproto Protocol field in IP packet:
0 - 255 or 0 - 0xFF
1- 8
Destination or Source IP Address:
ipdestsocket
ipsourcesocket
IP Address in dotted decimal
format: 000.000.000.000 and
(Optional) post-fixed port: 0 -
65535
1 - 48
iptos Type of Service field in IP packet:
0 - 255 or 0 - 0xFF
1- 8
To Next Page
Loading...
Need help?
General