Specifications
SSR Command Line Interface Reference Manual 41
acl permit|deny icmp
acl permit|deny icmp
Purpose
Create an ICMP ACL.
Format
acl <name> permit|deny icmp <SrcAddr/Mask> <DstAddr/Mask>
Mode
Configure
Description
The acl permit icmp and acl deny icmp commands define an ACL to allow or block ICMP
traffic from entering or leaving the SSR. For each of the values describing a flow, you can
use the keyword any to specify a wildcard (“don’t care”) condition. If you do not specify a
value for a field, the SSR applies a wildcard condition to the field, giving the same effect
as if you specify the any keyword.
Parameters
<name> Name of this ACL. You can use a string of characters or a number.
<SrcAddr/Mask> The source address and the filtering mask of this flow. If the source
address is a network or subnet address, you must supply the filtering
mask. Generally, the filtering mask is the network mask of this network
or subnet. If the source address is that of a host then no mask is
required. By default, if a mask is not supplied, the source address is
treated as that of a host. You can specify the mask using the traditional
IP address format (“255.255.0.0”) or the CIDR format (“/16”).
<DstAddr/Mask> The destination address and the filtering mask of this flow. The same
requirements and restrictions for <SrcAddr/Mask> apply to
<DstAddr/Mask>.