Specifications

ManualsBrandsEnterasys ManualsComputer equipmentC2K122-24

311

312

313

314

315

316

317

318

319

320

set policy rule

SecureStack C3 Configuration Guide 8-11

set policy rule

UsethiscommandtoassignincominguntaggedframestoaspecificpolicyprofileandtoVLANor

Class‐of‐Serviceclassificationrules.

Syntax

Thiscommandhastwoformsofsyntax—onetocreateanadminrule(forpolicyID0),andthe

othertocreateaclassificationruleandattach ittoapolicyprofile.

set policy rule admin-profile {vlantag data [mask mask] admin-pid profile-index}

[port-string port-string]

set policy rule profile-index {ipproto | ipdestsocket | ipsourcesocket | iptos |

tcpdestport | tcpsourceport | udpdestport | udpsourceport} data [mask mask] [vlan

vlan] [cos cos] | [drop | forward]

Parameters

Thefollowingparametersapplytocreatinganadminrule.

Thefollowingparametersapplytocreatingaclassificationrule.

Note: Classification rules are automatically enabled when created.

admin‐profile SpecifiesthatthisisanadminruleforpolicyID0.

vlantagdata ClassifiesbasedonVLANtagspecifiedbydata.Valueofdatacanrange

from1to4094or0xFFF.

maskmask (Optional)Specifiesthenumberofsignificantbitstomatch,dependent

onthedatavalueentered.Valueof

maskcanrangefrom1to12.

RefertoTable 8‐3forvalidvaluesforeachclassificationtypeanddata

value.

admin‐pid

profile‐index

Associatesthisadminrulewithapolicyprofile,identifiedbyitsindex

number.Policyprofilesareconfiguredwiththesetpolicyprofile

commandasdescribed

in“setpolicyprofile”onpage 8‐4.

Validprofile‐indexvaluesare1‐255.

port‐stringport‐string (Optional)Assignsthisruletothespecifiedpolicyprofileonspecific

ingressport(s).Rulewouldnotbeuseduntilpolicyisassignedtothe

specifiedport(s)usingthesetpolicyportcommand

asdescribedin“set

policyport”onpage 8‐15 .

profile‐index Specifiesapolicyprofilenumbertowhichthisrulewillbeassigned.

Policyprofilesareconfiguredwiththesetpolicyprofilecommandas

describedin“setpolicyprofile”onpage 8‐4.Validprofile‐indexvaluesare

1‐255.

ipproto ClassifiesbasedonProtocolfieldinIPpacket.

ipdestsocket Classifies

basedondestinationIPaddresswithoptionalpost‐fixedport.

ipsourcesocket ClassifiesbasedonsourceIPaddress,withoptionalpost‐fixedport.

iptos ClassifiesbasedonTypeofServicefieldinIPpacket.

tcpdestport ClassifiesbasedonTCPdestinationport.