Specifications

ManualsBrandsEnterasys ManualsComputer equipmentN Standalone (NSA) Series

811

812

813

814

815

816

817

818

819

820

access-list (extended) Configuring Access Lists

Enterasys Matrix N Standalone (NSA) Series Configuration Guide 24-19

Defaults

•Ifinsert,replace,ormovearenotspecified,thenew entrywillbeappendedtotheaccesslist.

•Ifsource2isnotspecifiedwithmove,onlyoneentrywillbemoved.

•Ificmp‐typeandicmp‐codearenotspecified,ICMPparam eterswillbeappliedtoallICMP

messagetypes.

•If

operatorandportarenotspecified,accessparameterswillbeappliedtoallTCPorUDP

ports.

destination Specifiesthenetworkorhosttowhichthepacketwillbesent.Valid

optionsforexpressingdestinationare:

•IPaddress(A.B.C.D)

• any‐Anydestinationhost

• hostsource‐IPaddressofasingledestination

host

destination‐

wildcard

(Optional)Specifiesthebitstoignoreinthedestinationaddress.

icmp‐type (Optional)FiltersICMPframesbyICMPmessage type.Thetypeisa

numberfrom0to255.

icmp‐code (Optional)FurtherfiltersICMPframesfilteredbyICMPmessagetype

bytheirICMPmessagecode.Thecodeisa

numberfrom0to255.

operatorport (Optional)AppliesaccessrulestoTCPorUDPsourceordestination

portnumbers.Possibleoperandsinclude:

• ltport‐Matchonlypacketswithalowerportnumber.

• gtport‐Matchonlypacketswithagreaterportnumber.

• eqport‐Matchonlypacketsona

givenportnumber.

• neqport‐Matchonlypacketsnotonagivenportnumber.

• rangemin‐sportmax‐sport‐Matchonlypacketsintherangeof

sourceports

• rangemin‐dportmax‐dport‐Matchonlypacketsintherangeof

destinationports.

tos‐extensions (Optional)Appliesaccessrulesto

theprecedenceand/ortosfields,orto

theDiffServfield.Thatis,youcanspecifyoneorbothprecedenceand

tosfields,oryoucanspecifytheDiffServfield.Usethefollowing

keyword/valuepairstospecifythetos‐extensions:

•precedencevalue(0‐7)‐MatchpacketsbasedontheIPprecedence

value.

• tosvalue(0‐15)‐MatchpacketsbasedontheIPTypeofService

value.

• dscpvalue(0‐63)‐MatchpacketsbasedontheDiffservcodepoint

value.

established (Optional)AppliesTCPrestrictionstoestablishedconnectionsonly.

log (Optional)Enabletherulebeingconfiguredforsyslog.