Table 1-11 TCP/UDP-specific ACL rule information

| Parameters | Type | Function | Description |
|---|---|---|---|
| source-port operator port1 [ port2 ] | Source port | Defines the source port information of UDP/TCP packets | The value of operator can be lt (less than), gt (greater than), eq (equal to), neq (not equal to) or range (within the range of). Only the range operator requires two port numbers as the operands. The other operators require only one port number as the operand. port1 and port2: TCP/UDP port number(s), expressed as port names or port numbers. When expressed as numerals, the value range is 0 to 65535. With the range operator, the value of port2 does not need to be greater than that of port1 because the switch can automatically judge the value range. If the value of port1 is the same as that of port2, the switch will convert the operator range to eq. Note that if you specify a combination of lt 1 or gt 65534, the switch will convert it to eq 0 or eq 65535. |
| destination-port operator port1 [ port2 ] | Destination port | Defines the destination port information of UDP/TCP packets | Same as for source-port. |
| established | TCP connection flag | Specifies that the rule is applicable only to the first SYN segment for establishing a TCP connection | TCP-specific argument |

For a rule of an advanced ACL that is applied to ports or VLANs of the H3C S3600 series Ethernet
switches, if it contains TCP or UDP port information, the operator argument can only be eq.
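
The operator conversions in Table 1-11 and the eq-only restriction above can be checked offline before a rule is pushed to a switch. The following Python sketch is an added example, not code from the H3C manual: the function names and the sample rule line are constructed, only numeric ports are handled, and whether the switch applies the eq-only restriction before or after conversion is not stated here, so the flag reports the operator after conversion as an assumption.

```python
import re

# Operand counts per operator, as listed in Table 1-11.
OPERANDS = {"lt": 1, "gt": 1, "eq": 1, "neq": 1, "range": 2}
# Numeric ports only; clauses that use port names are skipped by this sketch.
CLAUSE = re.compile(r"\b(source-port|destination-port)\s+(\w+)((?:\s+\d+)+)")

def normalize(op, ports):
    """Return (operator, ports) after the conversions described in Table 1-11."""
    if op not in OPERANDS:
        raise ValueError(f"unknown operator {op!r}")
    if len(ports) != OPERANDS[op]:
        raise ValueError(f"{op} takes {OPERANDS[op]} port number(s)")
    if any(not 0 <= p <= 65535 for p in ports):
        raise ValueError("port numbers must be in 0..65535")
    if op == "range":
        lo, hi = sorted(ports)            # port2 need not be greater than port1
        return ("eq", (lo,)) if lo == hi else ("range", (lo, hi))
    if (op, ports[0]) == ("lt", 1):       # only port 0 is below 1
        return ("eq", (0,))
    if (op, ports[0]) == ("gt", 65534):   # only port 65535 is above 65534
        return ("eq", (65535,))
    return (op, tuple(ports))

def matches(op, ports, port):
    """True if a packet's port satisfies the (normalized) port condition."""
    op, ports = normalize(op, ports)
    a, b = ports[0], ports[-1]
    return {"lt": port < a, "gt": port > a, "eq": port == a,
            "neq": port != a, "range": a <= port <= b}[op]

def audit(line):
    """Normalize every port clause in a rule line.

    The last tuple field is True when the operator is eq after conversion
    (assumption: the eq-only restriction is judged on the converted form)."""
    out = []
    for keyword, op, nums in CLAUSE.findall(line):
        n_op, n_ports = normalize(op, [int(n) for n in nums.split()])
        out.append((keyword, n_op, n_ports, n_op == "eq"))
    return out

if __name__ == "__main__":
    # Constructed sample rule line, not taken from a real configuration.
    sample = "rule 0 permit tcp source-port range 2000 1000 destination-port gt 65534"
    for clause in audit(sample):
        print(clause)
```
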
If a TCP or UDP port number is represented by name, you can also define the information listed in Table 1-12.