Specifications
SSR Command Line Interface Reference Manual 35
Chapter 1
acl Commands
The acl commands allow you to create ACLs (Access Control Lists) and apply them to IP
and IPX interfaces on the SSR. An ACL permits or denies switching of packets based on
criteria such as the packet’s source address and destination address, TCP or UDP port
number, and so on. When you apply an ACL to an interface, you can specify whether the
ACL affects incoming traffic or outgoing traffic. You also can enable a log of the ACL’s
use.
Command Summary
Table 1 lists the acl commands. The sections following the table describe the command
syntax.
Table 1. acl commands
acl <name> apply interface <InterfaceName> input|output
[logging on|off|deny-only|permit-only][policy local|external]
acl <name> apply service <ServiceName> [logging [on|off]]
acl <name> permit|deny icmp <SrcAddr/Mask> <DstAddr/Mask>
acl <name> permit|deny igmp <SrcAddr/Mask> <DstIP/mask>
acl <name> permit|deny ip <SrcAddr/Mask> <DstAddr/Mask> <SrcPort> <DstPort>
<tos> [accounting]
acl <name> permit|deny ip-protocol <proto-num> <SrcAddr/Mask> <DstAddr/Mask>
<tos>
acl <name> permit|deny ipx <SrcAddr> <SrcSocket> <DstAddr> <DstSocket>
<SrcNetMask> <DstNetMask>
acl <name> permit|deny ipxgns <ServerAddr> <ServiceType> <ServiceName>