Manualshelf

Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentSmartSwitch 1800
41424344454647484950
SSR Command Line Interface Reference Manual 49
acl permit|deny ip-protocol
<DstAddr/Mask> The destination address and the filtering mask of this flow. The same
requirements and restrictions for <SrcAddr/Mask> apply to
<DstAddr/Mask>.
<tos> IP TOS (Type of Service) value. You can specify a TOS from 0 – 15.
Restrictions
When you apply an ACL to an interface, the SSR appends an implicit deny rule to that ACL.
The implicit deny rule denies all traffic. If you intend to allow all traffic that doesnt
match your specified ACL rules to go through, you must explicitly define a rule to permit
all traffic.
Examples
To create an ACL to permit VRRP traffic (IP protocol type 112) from the subnet 10.14.0.0
(with a 16 bit netmask) to any destination:
The following command has the same function as acl 120 deny igmp since the protocol
type for IGMP is 2.
ssr(config)# acl 100 permit ip-protocol 112 10.14.0.0/16 any
ssr(config)# acl 120 deny ip-protocol 2