Specifications

ManualsBrandsCisco ManualsComputer equipmentContent Delivery Engine 100/200/300/400

131

132

133

134

135

136

137

138

139

140

4-70

Cisco Internet Streamer CDS 2.0-2.3 Software Configuration Guide

OL-13493-04

Chapter 4 Configuring Devices

Configuring the Service Engine

g. When you have finished adding conditions to the IP ACL, and you are satisfied with all your entries

and the order in which the conditions are listed, click Submit in the Modifying IP ACL page to

commit the IP ACL to the device database.

A green “Change submitted” indicator appears in the lower right corner of the Modifying IP ACL

page to indicate that the IP ACL is being submitted to the device database.

Table 4-33 Extended IP ACL Conditions

Field Default Value Description Extended Type

Purpose

Permit Specifies whether a packet is to be passed (Permit) or dropped

(Deny).

Generic, TCP,

UDP, ICMP

Protocol ip Internet protocol (gre, icmp, ip, tcp, or udp). To match any

Internet protocol, use the ip keyword.

Generic

Established Unchecked (false) When checked, a match with the ACL condition occurs if the

TCP datagram has the ACK or RST bits set, indicating an

established connection. Initial TCP datagrams used to form a

connection are not matched.

TCP

Source IP

0.0.0.0 IP address of the network or host from which the packet is being

sent, specified as a 32-bit quantity in 4-part dotted decimal

format.

Generic, TCP,

UDP, ICMP

Source IP Wildcard

255.255.255.255 Wildcard bits to be applied to the source, specified as a 32-bit

quantity in 4-part dotted decimal format. Place a 1 in the bit

positions that you want to ignore and identify bits of interest

with a 0.

Generic, TCP,

UDP, ICMP

Source Port 1 0 Decimal number or name of a port. Valid port numbers are 0 to

65535. See Table 4-34 and Table 4-35 for port name

descriptions and associated port numbers.

TCP, UDP

Valid TCP port names are as

follows:

• domain

• exec

• ftp

• ftp-data

• https

• nfs

• rtsp

• ssh

• telnet

• www

Valid UDP port names are as

follows:

• bootpc

• bootps

• domain

• netbios-dgm

• netbios-ns

• netbios-ss

• nfs

• ntp

• snmp

• snmptrap

Source Operator range Specifies how to compare the source ports against incoming

packets. Choices are <, >, ==, !=, or range.

TCP, UDP

Source Port 2 65535 Decimal number or name of a port. See Source Port 1. TCP, UDP