Release Notes
Parameter Description
Service Network service, which can be one of the following:
l An IP protocol number (0-255).
l The name of a network service (use the show netservice command to see configured
services).
l any: Matches any traffic.
l tcp: A TCP port number (0-65535).
l destination port number: specify the TCP port number (0-65535)
l source: TCP/UDP source port number
l udp: A UDP port number (0-65535).
Action Action if rule is applied, which can be one of the following:
deny: Reject packets.
dst-nat: Perform destination NAT on packets.
dual-nat: Perform both source and destination NAT on packets.
permit: Forward packets.
redirect: Specify the location to which packets are redirected, which can be one of the
following:
l Datapath destination ID (0-65535).
l esi-group: Specify the ESI server group configured with the esi group command
l opcode: Specify the datapath destination ID (0x33, 0x34, or 0x82). Do not use this
parameter without proper guidance from Dell.
tunnel: Specify the ID of the tunnel configured with the interface tunnel command.
src-nat: Perform source NAT on packets.
Timerange Any defined time range for this rule.
Log Shows if the rule was configured to generate a log message when the rule is applied.
Expired Shows if the rule has expired.
Queue Shows if the rule assigns a matching flow to a priority queue (high/low).
Tos
8021.p 802.11p priority level applied by the rule (0-7).
Blacklist Shows if the rule should blacklist any matching user.
Mirror Shows if the rule was configured to mirror all session packets to datapath or remote
destination.
DisScan Shows if the rule was configured to pause ARM scanning while traffic is present.
IPv4/6 Shows the IP version.
Related Commands
Command Description
ip access-list session
Configure an access list for an interface.
Command History
Introduced in ArubaOS 3.0.
Dell Networking W-Series ArubaOS 6.4.x | Reference Guide show ip access-list | 1396