Security and authentication
11.4 IP access control list
SCALANCE XM-400/XR-500 Command Line Interface (CLI)
Configuration Manual, 11/2015, C79000-G8976-C252-10
723
Call up the command with the following parameters:
permit tcp {any | host <src-ip> | <network-src-ip> <mask>} [{ gt <port-number(1-
65535)> | lt <port
-number(1-65535)> | eq <port
-number(1-65535)> | range <port
-number (1-65535)> <port-number (1-65535)>}] [{any | host <dest-ip> | <network-dest-ip>
<mask>}] [{ gt
<port-number(1-65535)> | lt <port
-number(1-65535)> | eq <port
-number(1-65535)> | range <port-number (1-65535)> <port-number (1-65535)>}]
[dscp<value(0-63)>] [{ack | rst}]
The parameters have the following meaning:
Forwards all incoming TCP segments.
Keyword for a single IP address -
Enter a valid IP address.
Enter a valid combination of IP
address and subnet mask.
Corresponding subnet mask
Keyword for port numbers higher than
the specified number (gt: greater than).
-
Keyword for port numbers lower than
the specified number (lt: less than).
-
Keyword for a specific port number
-
Keyword for a range of port numbers.
Following this, the first and last port
number of the range is specified.
-
Forwards all outgoing TCP segments.
Keyword for a single IP address
Enter a valid IP address.
Network destination address
Enter a valid combination of IP
address and subnet mask.
Corresponding subnet mask
Keyword for the Differentiated Services
-
Value for the Differentiated Services
Codepoint
0 ... 63
Forwards RST segments. -
For information on names of addresses and interfaces, refer to the section "Interface
identifiers and addresses (Page 39)".
The IP access list for TCP segments has been configured.
To Next Page
Loading...
Need help?
General