Specifications
acl permit|deny
68 SSR Command Line Interface Reference Manual
acl permit|deny
Purpose
Create an ACL rule to permit or deny traffic.
Format
acl <name> permit|deny
Mode
ACL Editor
Description
The acl permit|deny commands are equivalent to the same commands in the
Configuration mode. You can use these commands to create rules for the ACL that you are
editing. Just like the acl commands in Configuration mode, new rules are appended to the
end of the rules. You can use the move command to re-order the rules.
Restrictions
You can only add rules for the ACL you specified in the acl-edit command. You cannot
add rules for other ACLs. For example, if you start with acl-edit 110, you cannot add rules
for ACL 121.
Example
To add a new rule (deny all UDP traffic) to ACL 111:
ssr(config)# acl-edit 111
1*: acl 111 permit tcp 10.1.15.0/24 10.1.11.0/24 2000-2002 any
2*: acl 111 permit tcp 10.1.15.0/24 10.1.11.0/24 2003-2005 any
ssr(acl-edit)> acl 111 deny udp
1*: acl 111 permit tcp 10.1.15.0/24 10.1.11.0/24 2000-2002 any
2*: acl 111 permit tcp 10.1.15.0/24 10.1.11.0/24 2003-2005 any
3*: acl 111 deny udp