Command with no prex removes the rule.
Prex no Yes
Change settings Yes
Multiple input Yes
Synopsis
(cong-acl)> deny (tcp | udp) ‹source› ‹source-mask›
[ port( ( ‹src-port-operator› ‹source-port› )|
( range ‹source-port› ‹source-end-port› ))]
‹destination› ‹destination-mask›
[ port( ( ‹dst-port-operator› ‹destination-port› )|
( range ‹destination-port› ‹destination-end-port› ))]
(cong-acl)> deny (icmp | esp | gre | ipip | ip) ‹source› ‹source-mask›
‹destination› ‹destination-mask›
(cong-acl)> no deny (tcp | udp) ‹source› ‹source-mask›
[ port( ( ‹src-port-operator› ‹source-port› )|
( range ‹source-port› ‹source-end-port› ))]
‹destination› ‹destination-mask›
[ port( ( ‹dst-port-operator› ‹destination-port› )|
( range ‹destination-port› ‹destination-end-port› ))]
(cong-acl)> no deny (icmp | esp | gre | ipip | ip) ‹source› ‹source-mask›
‹destination› ‹destination-mask›
Arguments
DescriptionValueArgument
TCP protocol.Keywordtcp
UDP protocol.Keywordudp
ICMP protocol.Keywordicmp
ESP protocol.Keywordesp
GRE protocol.Keywordgre
IP in IP protocol.Keywordipip
IP protocol (include TCP, UDP, ICMP
and other).
Keywordip
The source address in the header
of IP-packet.
IP-addresssource
Mask to be applied to the source
address in the header of IP-packet
IP-masksource-mask
before comparison with source.
There are two ways to enter the
mask: the canonical form (for
example, 255.255.255.0) and the
form of prex bit length (for
example, /24).
Keenetic Lite (KN-1310) — Command Reference Guide
31
Chapter 3 Command Reference
To Next Page
Loading...
Need help?
General
