Specifications
SSR Command Line Interface Reference Manual 61
acl permit|deny udp
acl permit|deny udp
Purpose
Create a UDP ACL.
Format
acl <name> permit|deny udp <SrcAddr/Mask> <DstAddr/Mask> <SrcPort> <DstPort>
<tos> [accounting]
Mode
Configure
Description
The acl permit udp and acl deny udp commands define an ACL to allow or block UDP
traffic from entering or leaving the SSR. For each of the values describing a flow, you can
use the keyword any to specify a wildcard (“don’t care”) condition. If you do not specify a
value for a field, the SSR applies a wildcard condition to the field, giving the same effect
as if you specify the any keyword. The two exceptions to this rule are the optional
parameters <tos> (type of service) and accounting. <tos> is a value from 0 to 15. The
accounting keyword is only valid for the permit command, and can be placed anywhere
on the command line. When you specify the accounting keyword, LFAP accounting
information will be sent to the configured server for flows that match the ACL.
Parameters
<name> Name of this ACL. You can use a string of characters or a number.
<SrcAddr/Mask> The source address and the filtering mask of this flow. If the source
address is a network or subnet address, you must supply the filtering
mask. Generally, the filtering mask is the network mask of this network
or subnet. If the source address is that of a host then no mask is
required. By default, if a mask is not supplied, the source address is
treated as that of a host. You can specify the mask using the traditional
IP address format (“255.255.0.0”) or the CIDR format (“/16”).
<DstAddr/Mask> The destination address and the filtering mask of this flow. The same
requirements and restrictions for <SrcAddr/Mask> apply to
<DstAddr/Mask>.