Manualshelf

Reference Guide

ManualsBrandsDell ManualsDesktopPOWERCONNECT 5524
711712713714715716717718719720
703
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Contax
CLI\files\ACL.fm
DELL CONFIDENTIAL – PRELIMINARY 2013 - FOR PROOF ONLY
request (128), echo-reply (129), mld-query (130), mld-report (131),
mldv2-report (143), mld-done (132), router-solicitation (133), router-
advertisement (134), nd-ns (135), nd-na (136). (Range: 0–255)
icmp-code
—Specifies an ICMP message code for filtering ICMP packets.
(Range: 0–255)
destination-port
—Specifies the UDP/TCP destination port. You can
enter a range of ports by using a hyphen. E.g. 20 - 21. For TCP enter a
number or one of the following values: bgp (179), chargen (19), daytime
(13), discard (9), domain (53), drip (3949), echo (7), finger (79), ftp (21),
ftp-data 20), gopher (70), hostname (42), irc (194), klogin (543), kshell
(544), lpd (515), nntp (119), pop2 (109), pop3 (110), smtp (25), sunrpc
(1110, syslog (514), tacacs-ds (49), talk (517), telnet (23), time (37), uucp
(117), whois (43), www (80). For UDP enter a number or one of the
following values: biff (512), bootpc (68), bootps (67), discard (9), dnsix
(90), domain (53), echo (7 ), mobile-ip (434), nameserver (42), netbios-
dgm (138), netbios-ns (137), non500-isakmp (4500), ntp (123), rip (520),
snmp (161), snmptrap (162), sunrpc (111), syslog (514), tacacs (49), talk
(517), tftp (69), time (37), who (513), xdmcp (177). (Range: 0–65535)
source-port
—Specifies the UDP/TCP source port. Predefined port names
are defined in the destination-port parameter. (Range: 0–65535)
match-all
list-of-flags
—List of TCP flags that should occur. If a flag
should be set it is prefixed by “+”.If a flag should be unset it is prefixed by
“-”. Available options are +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack, -
psh, -rst, -syn and -fin. The flags are concatenated to a one string. For
example: +fin-ack.
time-range-name—Name of the time range that applies to this permit
statement. (Range: 1–32)
disable-port
—The Ethernet interface would be disabled if the condition
is matched.
log-input
—Specifies to send an informational syslog message about the
packet that matches the entry. Because forwarding is done in hardware and
logging is done in software, if a large number of packets match a deny ACE
containing a log-input keyword, the software might not be able to match
the hardware processing rate, and not all packets will be logged.