EasyManuals Logo

Extreme Networks ExtremeWare User Manual

Extreme Networks ExtremeWare
2254 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #852 background imageLoading...
Page #852 background image
852 ExtremeWare Software 7.3.0 Command Reference Guide
Security Commands
create access-list tcp destination source ports
create access-list <name> tcp destination [<dest_ipaddress>/<mask> | any]
ip-port [<dst_port> | range <dst_port_min> <dst_port_max> | any]
source [<src_ipaddress>/<src_mask> | any] ip-port [<src_port> | range
<src_port_min> <src_port_max> | any] [permit <qosprofile> |
permit-established | deny] ports [<portlist> | any] {precedence
<precedence_num>}
Description
Creates a named IP access list that applies to TCP traffic.
Syntax Description
Default
N/A.
name Specifies the access list name. The access list name can be between 1 and
31 characters.
dest_ipaddress/mask Specifies an IP destination address and subnet mask. A mask length of 32
indicates a host entry.
any specifies that any address will match.
dst_port Specifies a TCP layer 4 port.
any specifies that all TCP ports will match.
dst_port_min Specifies the beginning of a TCP layer 4 port range.
dst_port_max Specifies the end of a TCP layer 4 port range.
src_ipaddress/src_mask Specifies a source IP address and subnet mask.
any specifies that any address will match.
src_port Specifies a TCP layer 4 port.
any specifies that all TCP ports will match.
src_port_min Specifies the beginning of a TCP layer 4 port range.
src_port_max Specifies the end of a TCP layer 4 port range.
permit Specifies that packets that match the access list description are permitted to
be forward by this switch.
qosprofile Specifies an optional QoS profile can be assigned to the access list, so that
the switch can prioritize packets accordingly.
permit-established Specifies that a currently-established TCP session is allowed, but TCP
packets from source to destination (uni-directional) with SYN=1 and ACK=0 (to
initiate a new session) will be dropped.
deny Specifies that packets that match the access list description are filtered
(dropped) by the switch.
portlist Specifies the ingress port(s) on which this rule is applied.
any specifies that the rule will be applied to all ports.
prec_number Specifies the access list precedence number. The range is 1 to 25,600.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Extreme Networks ExtremeWare and is the answer not in the manual?

Extreme Networks ExtremeWare Specifications

General IconGeneral
BrandExtreme Networks
ModelExtremeWare
CategorySoftware
LanguageEnglish

Related product manuals