Chapter 1: acl Commands
SSR Command Line Interface Reference Manual 1 - 19
acl permit|deny tcp
Purpose
Create a TCP ACL.
Format
acl <name> permit|deny tcp <SrcAddr/Mask> <DstAddr/Mask> <SrcPort> <DstPort> <tos>
Mode
Configure
Description
The acl permit tcp and acl deny tcp commands define an ACL to allow or block TCP traffic from entering or leaving the SSR. For each of the values describing a flow, you can use the keyword any to specify a wildcard (“don’t care”) condition. If you do not specify a value for a field, the SSR applies a wildcard condition to the field, giving the same effect as if you specify the any keyword.
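The field-matching rules of this command (the any wildcard above, plus the address/mask and port-operator forms listed under Parameters), modeled as an added Python example for checking what a rule's fields will match; this is not code from the manual or from the SSR. Assumptions: address and mask are written joined by "/", <DstPort> accepts the same expressions as <SrcPort>, a bare number matches exactly that port, and <tos> is ignored; the function names and the sample rule are hypothetical.

```python
import ipaddress
import re

def parse_addr(field):
    """ACL address field -> ip_network, or None for a wildcard."""
    if field is None or field == "any":
        return None                    # omitted field behaves like "any"
    if "/" not in field:
        field += "/32"                 # no mask supplied: host address
    # Accepts both "/16" and "/255.255.0.0" mask notations.
    return ipaddress.ip_network(field, strict=False)

def parse_port(field):
    """ACL port field -> predicate over a port number."""
    if field is None or field == "any":
        return lambda p: True
    m = re.fullmatch(r"(\d+)-(\d+)", field)
    if m:                              # "10-20": inclusive range
        lo, hi = int(m[1]), int(m[2])
        return lambda p: lo <= p <= hi
    m = re.fullmatch(r"(>|<|!=)?(\d+)", field)
    if not m:
        raise ValueError(f"unsupported port expression: {field!r}")
    op, n = m[1], int(m[2])
    return {">": lambda p: p > n, "<": lambda p: p < n,
            "!=": lambda p: p != n, None: lambda p: p == n}[op]

def matches(rule, src, dst, sport, dport):
    """rule = (SrcAddr/Mask, DstAddr/Mask, SrcPort, DstPort) as strings or None."""
    src_net, dst_net = parse_addr(rule[0]), parse_addr(rule[1])
    return ((src_net is None or ipaddress.ip_address(src) in src_net)
            and (dst_net is None or ipaddress.ip_address(dst) in dst_net)
            and parse_port(rule[2])(sport)
            and parse_port(rule[3])(dport))

# Constructed sample rule fields (not taken from the manual).
RULE = ("10.1.0.0/16", "any", ">1024", "80")

if __name__ == "__main__":
    print(matches(RULE, "10.1.5.9", "192.0.2.10", 40000, 80))   # source port > 1024
    print(matches(RULE, "10.1.5.9", "192.0.2.10", 1024, 80))    # 1024 is not > 1024
```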
Parameters
<name>
Name of this ACL. You can use a string of characters or a number.
<SrcAddr/Mask>
The source address and the filtering mask of this flow. If the source address is a network or subnet address, you must supply the filtering mask. Generally, the filtering mask is the network mask of this network or subnet. If the source address is that of a host then no mask is required. By default, if a mask is not supplied, the source address is treated as that of a host. You can specify the mask using the traditional IP address format (“255.255.0.0”) or the CIDR format (“/16”).
<DstAddr/Mask>
The destination address and the filtering mask of this flow. The same requirements and restrictions for <SrcAddr/Mask> apply to <DstAddr/Mask>.
<SrcPort>
For TCP or UDP, the number of the source TCP or UDP port. This field applies only to incoming TCP or UDP traffic. You can specify a range of port numbers using operator symbols; for example, 10-20 (between 10 and 20 inclusive), >1024 (greater than 1024), <1024 (less than 1024), !=1024 (not equal to 1024). The port numbers of some popular services