Specifications
Table Of Contents
- Title Page
- Notice
- Contents
- acl Commands
- acl-edit Commands
- aging Commands
- arp Commands
- cli Commands
- configure Command
- copy Command
- dvmrp Commands
- enable Command
- erase Command
- exit Command
- file Commands
- filters Commands
- http Commands
- igmp Commands
- interface Commands
- ip Commands
- ip-router Commands
- Command Summary
- ip-router authentication add key-chain
- ip-router authentication create key-chain
- ip-router global add
- ip-router global set
- ip-router global set trace-options
- ip-router global set trace-state
- ip-router global use provided_config
- ip-router kernel trace
- ip-router policy add filter
- ip-router policy add optional-attributes-list
- ip-router policy aggr-gen destination
- ip-router policy create aggregate-export-source
- ip-router policy create aggr-gen-dest
- ip-router policy create aggr-gen-source
- ip-router policy create aspath-export-source
- ip-router policy create bgp-export-destination
- ip-router policy create bgp-export-source
- ip-router policy create bgp-import-source
- ip-router policy create direct-export-source
- ip-router policy create filter
- ip-router policy create optional-attributes-list
- ip-router policy create ospf-export-destination
- ip-router policy create ospf-export-source
- ip-router policy create ospf-import-source
- ip-router policy create rip-export-destination
- ip-router policy create rip-export-source
- ip-router policy create rip-import-source
- ip-router policy create static-export-source
- ip-router policy create tag-export-source
- ip-router policy export destination
- ip-router policy import source
- ip-router policy redistribute
- ip-router show configuration file
- ip-router show state
- ipx Commands
- l2-tables Commands
- logout Command
- multicast Commands
- mtrace Command
- negate Command
- no Command
- ospf Commands
- Command Summary
- ospf add interface
- ospf add nbma-neighbor
- ospf add network
- ospf add stub-host
- ospf add virtual-link
- ospf create area
- ospf create-monitor
- ospf monitor
- ospf set area
- ospf set ase-defaults
- ospf set export-interval
- ospf set export-limit
- ospf set interface
- ospf set monitor-auth-method
- ospf set trace-options
- ospf set virtual-link
- ospf show
- ospf start|stop
- ping Command
- port Commands
- qos Commands
- reboot Command
- rip Commands
- save Command
- show Command
- snmp Commands
- statistics Commands
- stp Commands
- system Commands
- Command Summary
- system image add
- system image choose
- system image delete
- system image list
- system promimage upgrade
- system set bootprom
- system set contact
- system set date
- system set dns
- system set location
- system set name
- system set password
- system set poweron-selftest
- system set syslog
- system set terminal
- system show
- traceroute Command
- vlan Commands
Chapter 1 acl Commands
The acl commands allow you to create ACLs (Access Control Lists) and apply them
to IP and IPX interfaces on the SSR. An ACL permits or denies switching of packets
based on criteria such as the packet’s source address and destination address, TCP or
UDP port number, and so on. When you apply an ACL to an interface, you can specify
whether the ACL affects incoming traffic or outgoing traffic. You also can enable a log
of the ACL’s use.
Command Summary
Table 1 lists the acl commands. The sections following the table describe the command
syntax.
Table 1: acl commands
acl
<name>
apply interface
<InterfaceName>
input|output
[logging [on|off]]
acl
<name>
apply service
<ServiceName>
[
logging [on|off]]
acl
<name>
permit|deny icmp
<SrcAddr/Mask> <DstAddr/Mask>
acl
<name>
permit|deny igmp
<SrcAddr/Mask> <DstIP/mask>
acl
<name>
permit|deny ip
<SrcAddr/Mask> <DstAddr/Mask>
<SrcPort> <DstPort> <tos>
acl
<name>
permit|deny
ipx
<SrcAddr> <DstAddr> <SrcSocket>
<DstSocket>
acl
<name>
permit|deny ipxrip
<FromNetwork> <ToNetwork>
acl
<name>
permit|deny ipxsap
<ServerAddr> <ServiceType>
<ServiceName>
acl
<name>
permit|deny tcp
<SrcAddr/Mask> <DstAddr/Mask>
<SrcPort> <DstPort> <tos>
acl
<name>
permit|deny udp
<SrcAddr/Mask> <DstAddr/Mask>
<SrcPort> <DstPort> <tos>
Chapter 1