set policy rule
SecureStack C2 Configuration Guide 9-11
Defaults
None.
Mode
Switchcommand,read‐write.
Usage
Table 9‐3providesthesetpolicyruledatavaluesthatcanbe enteredforaparticularclassification
type,andthemaskbitsthatcanbeenteredforeachclassifierassociatedwiththatparameter.
udpdestport ClassifiesbasedonUDPdestinationport.
udpsourceport ClassifiesbasedonUDPsourceport.
data Specifiesthecodefora
predefinedclassifier.Thisvalueisdependenton
theclassificationtypeentered.RefertoTable 9‐3forvalidvaluesforeach
classificationtype.
maskmask (Optional)Specifiesthenumberofsignificantbitstomatch,dependenton
thedatavalueentered.RefertoTable 9‐3forvalidvaluesforeach
classificationtypeand
datavalue.
vlanvlan ClassifiestoaVLANID.
coscos SpecifiesthatthisrulewillclassifytoaClass‐of‐ServiceID.Validvalues
are0‐4095.Avalueof‐1indicatesthatnoCoSforwardingbehavior
modificationisdesired.(NotsupportedonB3,C3,andG3.)
drop|forward Specifies
thatpacketswithinthisclassificationwillbedroppedor
forwarded.
Table 9-3 Valid Values for Policy Classification Rules
Classification Rule Parameter data value mask bits
ether Type field in Ethernet II packet:
1536 - 65535 or 0x600 - 0xFFFF
1- 16
icmptype ICMP Type: a.b 1- 16
ipproto Protocol field in IP packet:
0 - 255 or 0 - 0xFF
1- 8
Destination or Source IP Address:
ipdestsocket
ipsourcesocket
IP Address in dotted decimal
format: 000.000.000.000 and
(Optional) post-fixed port: 0 -
65535
1 - 48
iptos Type of Service field in IP packet:
0 - 255 or 0 - 0xFF
1- 8
Destination or Source MAC:
macdest
macsource
MAC Address: 00-00-00-00-00-
00
1 - 48
Destination or Source TCP port:
tcpdestport
tcpsourceport
TCP Port Number:
0 - 65535 or 0 - 0xFFFF
1 - 16
To Next Page
Loading...
Need help?
General