Security and authentication
11.4 IP access control list
SCALANCE XM-400/XR-500 Command Line Interface (CLI)
Configuration Manual, 06/2016, C79000-G8976-C252-11
● Incoming and/or outgoing TCP segments of hosts of a specific subnet are forwarded.
● Incoming and/or outgoing TCP segments are forwarded to specific ports.
Note
Processing order of the lists
The access control lists are processed on the interface in the order in which they were
The index number of the access control list is not used for this.
You are in the ACL standard configuration mode.
The command prompt is as follows:
cli(config-std-nacl)#
Call up the command with the following parameters:
permit tcp {any | host <src-ip-address> | <src-ip-address> <src-mask>} [{ gt <src-port-number(1-65535)> | lt <src-port-number(1-65535)> | eq <src-port-number(1-65535)> | range <src-port-number (1-65535)> <src-port-number (1-65535)>}] [{any | host <dest-ip-address> | <dest-ip-address> <dest-mask>}] [{ gt <port-number(1-65535)> | lt <port-number(1-65535)> | eq <port-number(1-65535)> | range <port-number (1-65535)> <port-number (1-65535)>}] [dscp<value(0-63)>] [{ack | rst}]
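Added example, not from the manual: a Python parser for the permit tcp syntax above that checks the documented value ranges and shows which slot a port keyword fills when the optional groups are read left to right. The function names and sample lines are constructed; the left-to-right reading of the optional groups and the space between dscp and its value are assumptions about the syntax line, not confirmed device behaviour.

```python
from ipaddress import IPv4Address, IPv4Network

PORT_OPS = {"gt": 1, "lt": 1, "eq": 1, "range": 2}  # keyword -> number of port values

def _addr(tok, i):
    """Parse {any | host <ip> | <ip> <mask>} at tok[i]; return (spec, next index)."""
    if tok[i] == "any":
        return ("any",), i + 1
    if tok[i] == "host":
        return ("host", str(IPv4Address(tok[i + 1]))), i + 2
    return ("net", str(IPv4Network(f"{tok[i]}/{tok[i + 1]}", strict=False))), i + 2

def _ports(tok, i):
    """Parse an optional {gt | lt | eq <port> | range <port> <port>} group."""
    if i >= len(tok) or tok[i] not in PORT_OPS:
        return None, i
    end = i + 1 + PORT_OPS[tok[i]]
    vals = [int(v) for v in tok[i + 1:end]]
    if end > len(tok) or not all(1 <= v <= 65535 for v in vals):
        raise ValueError(f"bad port value after '{tok[i]}'")
    return (tok[i], *vals), end

def parse_permit_tcp(line):
    """Parse one 'permit tcp' line left to right; ValueError if it does not fit."""
    tok = line.split()
    if tok[:2] != ["permit", "tcp"]:
        raise ValueError("expected 'permit tcp ...'")
    rule = {"dst": None, "dscp": None, "flag": None}
    try:
        rule["src"], i = _addr(tok, 2)
        rule["sport"], i = _ports(tok, i)  # a port group right after the source
        if i < len(tok) and tok[i] not in (*PORT_OPS, "dscp", "ack", "rst"):
            rule["dst"], i = _addr(tok, i)
        rule["dport"], i = _ports(tok, i)
        if i < len(tok) and tok[i] == "dscp":  # assumes a space before the value
            rule["dscp"], i = int(tok[i + 1]), i + 2
        if i < len(tok) and tok[i] in ("ack", "rst"):
            rule["flag"], i = tok[i], i + 1
    except IndexError:
        raise ValueError("rule ends before a required value") from None
    if i != len(tok) or not 0 <= (rule["dscp"] or 0) <= 63:
        raise ValueError("trailing tokens or dscp outside 0-63")
    return rule

SAMPLES = ["permit tcp any eq 443", "permit tcp any any eq 443"]  # constructed inputs

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, "->", parse_permit_tcp(s))
```

Under this reading, the first sample puts 443 in the source-port slot and leaves the destination unset, while the second puts it in the destination-port slot, so a rule meant to match a destination port needs the destination address group written out.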
The parameters have the following meaning:
Forwards all incoming TCP segments.
Keyword for an individual IPv4 address
-
Enter a valid IPv4 address.
Enter a valid combination of IPv4 address and subnet mask.
Corresponding subnet mask
Keyword for port numbers higher than the specified number (gt: greater than).
-
Keyword for port numbers lower than the specified number (lt: less than).
-
Keyword for a specific port number
-