Specifications
SSR Command Line Interface Reference Manual 51
acl permit|deny ipx
<DstSocket> Destination IPX socket. The SSR will interpret this number in
hexadecimal format. You do not need to use a “0x” prefix. You can use
the keyword any to specify a wildcard (“don’t care”) condition.
<SrcNetmask> Source network mask. This field specifies a group of networks for
which the ACL applies. This mask field is ANDed with the network
portion of <SrcAddr> and the source network of the incoming packets
to determine a hit. The SSR will interpret this number in hexadecimal
format. You do not need to use a “0x” prefix.
This is an optional argument and if you omit the argument, the SSR
uses the hexadecimal value FFFFFFFF.
<DstNetmask> Destination network mask. This field specifies a group of networks for
which the ACL applies. This mask field is ANDed with the network
portion of <DstAddr> and the destination network of the incoming
packets to determine a hit. The SSR will interpret this number in
hexadecimal format. You do not need to use a “0x” prefix.
This is an optional argument and if you omit the argument, the SSR
uses the hexadecimal value FFFFFFFF.
Restrictions
When you apply an ACL to an interface, the SSR appends an implicit deny rule to that ACL.
The implicit deny rule denies all traffic. If you intend to allow all traffic that doesn’t
match your specified ACL rules to go through, you must explicitly define a rule to permit
all traffic.
Examples
The following command creates an ACL to permit IPX traffic from the host with IPX
address AAAAAAAA.01:20:0A:F3:24:6D, any socket, to any other IPX address
(network.node), any socket.
The following command creates an ACL to deny IPX traffic from the host with IPX
address F6D5E4.01:20:0A:F3:24:6D, with socket address 451, to any other IPX address
(network.node), any socket.
ssr(config)# acl 100 permit ipx AAAAAAAA.01:20:0A:F3:24:6D any any any
ssr(config)# acl 200 deny ipx F6D5E4.01:20:0A:F3:24:6D 451 any any