Users Guide
Parameter Description
l any: Matches any traffic.
l host: A single host IP address.
l network: The IP address and netmask.
l user: The IP address of the user.
l localip: The set of all local IP addresses on the system, on which the ACL is applied.
Destination The traffic destination, which can be one of the following:
l alias: The network resource (use the netdestination command to configure aliases;
use the show netdestination command to see configured aliases)
l any: Matches any traffic.
l host: A single host IP address.
l network: An IP address and netmask.
l user: The IP address of the user.
l localip: The set of all local IP addresses on the system, on which the ACL is applied.
Service Network service, which can be one of the following:
l An IP protocol number (0-255).
l The name of a network service (use the show netservice command to see configured
services).
l any: Matches any traffic.
l tcp: A TCP port number (0-65535).
l destination port number: specify the TCP port number (0-65535)
l source: TCP/UDP source port number
l udp: A UDP port number (0-65535).
Application
Name of the application to which the access control list is applied. (For a complete list of sup-
ported applications, issue the command show dpi application all.)
Action Action if rule is applied, which can be one of the following:
deny: Reject packets.
dst-nat: Perform destination NAT on packets.
dual-nat: Perform both source and destination NAT on packets.
permit: Forward packets.
redirect: Specify the location to which packets are redirected, which can be one of the
following:
l Datapath destination ID (0-65535).
l esi-group: Specify the ESI server group configured with the esi group command
l opcode: Specify the datapath destination ID (0x33, 0x34, or 0x82). Do not use this
parameter without proper guidance from Dell.
tunnel: Specify the ID of the tunnel configured with the interface tunnel command.
src-nat: Perform source NAT on packets.
Dell Networking W-Series ArubaOS 6.4.x | User Guide show ip access-list | 1580