Quick Reference Guide

ManualsBrandsDell ManualsserversDell PowerConnect 3524

101

102

103

104

105

106

107

108

109

110

104 ACL Commands

www.dell.com | support.dell.com

DELL CONFIDENTIAL – PRELIMINARY 5/15/12 – FOR PROOF ONLY

permit (IP)

The permit IP-Access List Configuration mode command permits traffic if the conditions defined

in the permit statement match.

Syntax

•

permit

{

any

protocol

} {

any

source source-wildcard

}} {

any

destination destination-

wildcard

}} [

dscp

number

ip-precedence

number

]

•

permit-icmp

{

any

source source-wildcard

}} {

any

destination destination-wildcard

}}

{

any

icmp-type

} {

any

icmp-code

} [

dscp

number

ip-precedence

number

]

•

permit-igmp

{

any

source source-wildcard

}} {

any

destination destination-wildcard

}}

{

any

igmp-type

} [

dscp

number

ip-precedence

number

]

•

permit-tcp

{

any

source source-wildcard

}} {

any

source-port

} {

any

destination

destination-

wildcard

}} {

any

destination-port

} [

dscp

number

ip-precedence

number

] [

flags

list-of-flags

]

[

src-port-wildcard

source-port-wildcard

] [

dst-port-wildcard

source-port-wildcard

]

•

permit-udp

{

any

source source-wildcard

}} {

any

source-port

} {

any

destination destination-

wildcard

}} {

any

destination-port

} [

dscp

number

ip-precedence

number

] [

src-port-wildcard

source-port-wildcard

] [

dst-port-wildcard

source-port-wildcard

]

•

source

— Specifies the source IP address of the packet.

•

source-wildcard

— Specifies wildcard bits to be applied to the sources IP address by placing

1s in bit positions to be ignored.

•

destination

— Specifies the destination IP address of the packet.

•

destination- wildcard

— Specifies wildcard bits to be applied to the destination IP address

by placing 1s in bit positions to be ignored.

•

protocol

— Specifies the name or the number of an IP protocol. Available protocol names:

icmp, igmp, ip, tcp, egp, igp, udp, hmp, rdp, idpr, idrp, rsvp, gre, esp, ah, eigrp, ospf,

ipip, pim, l2tp, isis

. (Range: 0 - 255)

•

dscp

number

— Specifies the DSCP value.

•

ip-precedence

number

— Specifies the IP precedence value.

•

icmp-type

— Specifies an ICMP message type for filtering ICMP packets. Enter a number or

one of the following values:

echo-reply, destination-unreachable, source-quench,

redirect, alternate-host-address, echo-request, router-advertisement, router-

solicitation, time-exceeded, parameter-problem, timestamp, timestamp-reply,

information-request, information-reply, address-mask-request, address-mask-reply,

traceroute, datagram-conversion-error, mobile-host-redirect, mobile-registration-

request, mobile-registration-reply, domain-name-request, domain-name-reply, skip,

photuris

. (Range: 0 - 255)

•

icmp-code

— Specifies an ICMP message code for filtering ICMP packets. (Range: 0 - 255)