Manualshelf

Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentSmartSwitch Router
21222324252627282930
Table Of Contents
Chapter 1: acl Commands
SSR Command Line Interface Reference Manual 1 - 5
telnet
– Telnet server
tftp
– TFTP server
logging [on|off]
Enables or disables ACL logging for this interface. You can
specify one of the following keywords:
off
– Disables logging.
•on
– Enables logging.
Restrictions
You can apply only one ACL of each type (IP or IPX) to a service at one time. For
example, although you can define two ACLs, “ipacl1” and “ipacl2”, you cannot apply
them both to the same service.
Examples
Here are some examples of ACL commands for applying ACLs to services.
ssr(config)# acl 100 permit udp 10.4.3.33
ssr(config)# acl 100 apply service snmp
The above commands permit access to the SNMP agent only from the host
10.4.3.33 (presumably an SNMP management station).
ssr(config)# acl 120 permit tcp 10.4.7.0/24 <1024
ssr(config)# acl 120 apply service telnet logging on
The above commands permit access to the Telnet server from hosts on the subnet
10.4.7.0/24 with a privileged source port. In addition, with logging enabled, all
incoming Telnet accesses are logged to the console.
ssr(config)# acl 140 permit ip 10.12.4.0/24 any 10.12.7.44 any
ssr(config)# acl 120 apply service http
The above commands permit access to the HTTP web server from subnet
10.12.4.0/24. Notice that even though the destination address and port are
specified for this ACL (10.12.7.44 and any port), they are ignored. This service
ACL will match only packets destined for the SSR itself and the well-known port
of the service (port 80 for HTTP).