User Manual
Chapter 3 - Operation and Administration of the Macro BTS NPU Configuration
4Motion 218 System Manual
This section describes the commands to be used for:
“Creating a Permit/Deny Rule for ICMP Traffic (Extended Mode)” on page 218
“Deleting a Permit/Deny Rule for ICMP Traffic (Extended Mode)” on page 220
3.4.10.1.3.3.1Creating a Permit/Deny Rule for ICMP Traffic (Extended Mode)
Run the following commands to specify the Permit/Deny rule for ICMP traffic
from/to a specific source/destination IP address/subnet:
npu(config-ext-nacl)# permit icmp {any | host <src-ip-address> |
<src-ip-address> <mask>} {any | host <dest-ip-address> |
<dest-ip-address> <mask>}
npu(config-ext-nacl)# deny icmp {any | host <src-ip-address> |
<src-ip-address> <mask>} {any | host <dest-ip-address> |
<dest-ip-address> <mask>}
In the above commands, it is mandatory to specify the source IP address for which
the Permit/Deny rule is to be created. If you do not specify the destination IP
address/subnet mask, by default, traffic to all destination IP addresses is
permitted/denied.
The following table lists the parameters and their descriptions in these
commands:
IMPORTANT
You cannot configure Permit or Deny rules for an ACL that is associated with a Qos marking rule.
You can either associate QoS marking rules or permit/deny rules with an ACL.