Reference Guide

ManualsBrandsDell ManualsNetworkingForce10 S25-01-GE-24P

231

232

233

234

235

236

237

238

239

240

Access Control Lists (ACL) | 237

permit icmp

Configure a filter to allow all or specific ICMP messages.

Syntax

permit icmp {source mask | any | host ip-address} {destination mask | any | host

ip-address} [dscp] [message-type] [count [byte] | log] [order] [monitor] [fragments]

To remove this filter, you have two choices:

• Use the no seq sequence-number command syntax if you know the filter’s sequence number

• Use the no permit icmp {source mask | any | host ip-address} {destination mask | any |

host ip-address} command.

Parameters

Defaults

Not configured

Command Modes

CONFIGURATION-STANDARD-ACCESS-LIST

Command

History

source

Enter the IP address of the network or host from which the packets were sent.

mask

Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in

A.B.C.D format, may be either contiguous or non-contiguous.

any Enter the keyword any to specify that all routes are subject to the filter.

host ip-address Enter the keyword host followed by the IP address to specify a host IP address.

destination

Enter the IP address of the network or host to which the packets are sent.

dscp

Enter this keyword to deny a packet based on DSCP value.

Range: 0-63

message-type

(OPTIONAL) Enter an ICMP message type, either with the type (and code, if

necessary) numbers or with the name of the message type (ICMP message types are

listed in Table 9-2).

Range: 0 to 255 for ICMP type; 0 to 255 for ICMP code

count (OPTIONAL) Enter the keyword count to count packets processed by the filter.

byte (OPTIONAL) Enter the keyword byte to count bytes processed by the filter.

log (OPTIONAL, E-Series only) Enter the keyword log to have the information kept in

an ACL log file.

order (OPTIONAL) Enter the keyword order to specify the QoS priority for the ACL

entry.

Range: 0-254 (where 0 is the highest priority and 254 is the lowest; lower order

numbers have a higher priority)

Default: If the order keyword is not used, the ACLs have the lowest order by default

(255).

monitor (OPTIONAL) Enter the keyword monitor to monitor traffic on the monitoring

interface specified in the flow-based monitoring session along with the filter

operation.

fragments Enter the keyword fragments to use ACLs to control packet fragments.

Version 8.3.1.0

Added

dscp keyword.

Version 8.2.1.0 Allows ACL control of fragmented packets for IP (Layer 3) ACLs.

Version 8.1.1.0 Introduced on E-Series ExaScale