rule (for Advanced ACLs)
Syntax
rule [ rule-id ] { deny | permit } protocol [ rule-string ]
undo rule rule-id [ destination | destination-port | dscp | fragment | icmp-type | igmp-type | precedence | source | source-port | time-range | tos | ttl ]*
View
Advanced ACL view
Parameters
Parameters of the rule command
rule-id: ACL rule ID, in the range of 0 to 65534.
deny: Drops the matched packets.
permit: Permits the matched packets.
protocol: Protocol carried by IP. When specified as a number, it ranges from 1 to 255; when specified by name, it can be gre (47), icmp (1), igmp (2), ip, ipinip (4), ospf (89), tcp (6), or udp (17).
rule-string: ACL rule information, which can be a combination of the parameters described in
Table 1-7.
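The following Python check is an added example, not part of the original manual. It validates rule lines against the ranges given on this page (rule-id, protocol, and the precedence, tos and dscp keywords of Table 1-7) and tests an address against a source or destination pair. The names parse_rule and matches are hypothetical, the sample addresses are constructed, and the bitwise wildcard interpretation (0 bits must match, 1 bits are ignored) is an assumption that this page does not spell out.

```python
import ipaddress

# Ranges and protocol names as listed on this page for the advanced ACL rule command.
RANGES = {"precedence": (0, 7), "tos": (0, 15), "dscp": (0, 63)}
PROTOCOLS = {"gre", "icmp", "igmp", "ip", "ipinip", "ospf", "tcp", "udp"}

def _addr(tok):
    # "{ addr wildcard | any }": any = all-ones wildcard; a bare 0 wildcard = single host.
    if tok[0] == "any":
        tok.pop(0)
        return (0, 0xFFFFFFFF)
    base, wild = tok.pop(0), tok.pop(0)
    return (int(ipaddress.IPv4Address(base)),
            0 if wild == "0" else int(ipaddress.IPv4Address(wild)))

def parse_rule(line):
    """Parse 'rule [rule-id] {deny|permit} protocol [rule-string]' and range-check it."""
    tok = line.split()
    if not tok or tok.pop(0) != "rule":
        raise ValueError("not a rule command")
    rule = {"id": None}
    if tok and tok[0].isdigit():
        rule["id"] = int(tok.pop(0))
        if not 0 <= rule["id"] <= 65534:
            raise ValueError("rule-id out of range 0-65534")
    if len(tok) < 2:
        raise ValueError("action and protocol are required")
    rule["action"], rule["protocol"] = tok.pop(0), tok.pop(0)
    if rule["action"] not in ("deny", "permit"):
        raise ValueError("action must be deny or permit")
    p = rule["protocol"]
    if not (p in PROTOCOLS or (p.isdigit() and 1 <= int(p) <= 255)):
        raise ValueError("unknown protocol: " + p)
    while tok:
        key = tok.pop(0)
        if key in ("source", "destination"):
            rule[key] = _addr(tok)
        elif key in RANGES and tok and tok[0].isdigit():
            lo, hi = RANGES[key]
            rule[key] = int(tok.pop(0))
            if not lo <= rule[key] <= hi:
                raise ValueError(f"{key} out of range {lo}-{hi}")
        else:
            raise ValueError("unsupported or incomplete keyword: " + key)
    return rule

def matches(addr, base_wild):
    # Assumed wildcard semantics: 0 bits must match the rule address, 1 bits are ignored.
    base, wild = base_wild
    return ((int(ipaddress.IPv4Address(addr)) ^ base) & ~wild & 0xFFFFFFFF) == 0
```

Keywords outside the subset handled here (for example fragment or time-range) are rejected rather than silently accepted, so a line that passes has had every token checked.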
Table 1-7 Arguments/keywords available to the rule-string argument

| Arguments/Keywords | Type | Function | Description |
|---|---|---|---|
| source { sour-addr sour-wildcard \| any } | Source address | Specifies the source address information for the ACL rule | The sour-addr sour-wildcard arguments specify the source address of the packets, expressed in dotted decimal notation. You can specify the IP address of a host as the source address by providing 0 for the sour-wildcard argument. The any keyword specifies any source address. |
| destination { dest-addr dest-wildcard \| any } | Destination address | Specifies the destination address information for the ACL rule | The dest-addr dest-wildcard arguments specify the destination address of the packets, expressed in dotted decimal notation. You can specify the IP address of a host as the destination address by providing 0 for the dest-wildcard argument. The any keyword specifies any destination address. |
| precedence precedence | Packet priority | Specifies an IP precedence. | The precedence argument can be a number in the range 0 to 7. |
| tos tos | Packet priority | Specifies a ToS preference. | The tos argument can be a number in the range 0 to 15. |
| dscp dscp | Packet priority | Specifies a DSCP priority. | The dscp argument can be a number in the range 0 to 63. |