Manualshelf

Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentSmartSwitch Router
21222324252627282930
Table Of Contents
Chapter 1: acl Commands
1 - 4 SSR Command Line Interface Reference Manual
acl apply service
Purpose
Apply an ACL to a service on the SSR.
Format
acl
<name>
apply service
<ServiceName>
[logging [on|off]]
Mode
Configure
Description
The
acl
apply
service
command applies a previously defined ACL to a service
provided by the SSR. A service is typically a server or agent running on the SSR, for
example, a Telnet server or SNMP agent. By applying an ACL to a service, you can
control which host can access individual services on the SSR. This type of ACL is
known as a Service ACL. It does not control packets going through the SSR. It only
controls packets that are destined for the SSR, specifically, one of the services
provided by the SSR. As a result, a Service ACL, by definition, is applied only to
check for inbound traffic to the SSR. In addition, if a Service ACL is defined with
destination address and port information, that information is ignored. The
destination host of a Service ACL is by definition the SSR. The destination port is
the well-known port of the service.
When you apply an ACL, you also can enable ACL Logging by using the
logging
keyword. When you enable ACL Logging on an interface, the SSR displays ACL
Logging messages on the console. The ACL log provides information such as the
interface name, the ACL name, whether the packet is forwarded or not, and the internal
details of the packet.
Parameters
<name>
Name of the Service ACL. The ACL must already be defined.
To define an ACL, use one of the commands described in the
previous sections in this chapter.
<ServiceName>
Name of the service on the SSR to which you are applying the
ACL. Currently, the following services are supported:
http
– HTTP web server
snmp
– SNMP agent