User Manual

Chapter 3 - Operation and Administration of the Macro BTS NPU Configuration

4Motion 205 System Manual

3.4.10.1.3 Configuring ACLs in the Extended Mode

After you have enabled the extended ACL configuration mode, you can create

Permit/Deny rules based on source/destination IP address, protocol and

source/destination port numbers.

This section describes the commands to be used for:

 “Configuring Permit/Deny Rules from/to a Specific Protocol and

Source/Destination IP Addresses” on page 205

 “Configuring Permit/Deny Rules for TCP/UDP Traffic” on page 210

 “Configuring Permit/Deny Rules for ICMP Traffic” on page 217

3.4.10.1.3.1 Configuring Permit/Deny Rules from/to a Specific Protocol and

Source/Destination IP Addresses

After you have created an ACL, you can configure Permit/Deny rules to be applied

for traffic from/to a particular source/destination IP address/subnet, with

respect to a specific protocol.

This section describes the commands to be used for:

 “Creating a Permit/Deny Rule for Specific Protocols/IP Addresses (Extended

Mode)” on page 206

Command

Modes

Standard ACL configuration mode

IMPORTANT

You cannot create Permit or Deny rules for an ACL that is associated with a Qos marking rule. You

can either associate QoS marking rules or permit/deny rules with an ACL.

IMPORTANT

After you have configured the rules to be applied on an ACL, you can attach the ACL to the NPU or

AUs. The ACL enables filtering of traffic destined to these interfaces. For more information, refer to

Section 3.4.10.3.

IMPORTANT

You cannot configure Permit or Deny rules for an ACL that is associated with a Qos marking rule.

You can either associate QoS marking rules or permit/deny rules with an ACL.