Creating and Committing a Security ACL
RoamAbout Mobility System Software Configuration Guide
Setting TCP and UDP ACLs
Security ACLs can filter TCP and UDP packets by source and destination IP address, precedence,
and TOS level. You can apply a TCP ACL to established TCP sessions only, not to new TCP
sessions. In addition, security ACLs for TCP and UDP can filter packets according to a source port
on the source IP address and/or a destination port on the destination IP address, if you specify a
port number and an operator in the ACE. (For a list of TCP and UDP port numbers, see
www.iana.org/assignments/port-numbers.)
The operator indicates whether to filter packets arriving from or destined for a port whose
number is equal to (eq), greater than (gt), less than (lt), not equal to (neq), or in a range that
includes (range) the specified port. To specify a range of TCP or UDP ports, you enter the
beginning and ending port numbers.
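The following is an added example, not taken from the guide or from the product's software: a small Python model of the five port operators that shows how many ports each clause selects and which ports on a watch list fall inside it, useful when reviewing an ACE before committing it. It assumes that range includes both endpoints; the function names and the watch list are hypothetical.

```python
# Added example: models the eq/gt/lt/neq/range port operators described above.
# Assumption (not stated in the guide): "range" includes both endpoint ports.
# All function names and the watch list are hypothetical, for illustration.

MAX_PORT = 65535

def port_intervals(operator, port, port2=None):
    """Return the inclusive (low, high) port intervals an operator selects."""
    for p in (port,) if port2 is None else (port, port2):
        if not isinstance(p, int) or not 0 <= p <= MAX_PORT:
            raise ValueError(f"port out of range: {p!r}")
    if operator != "range" and port2 is not None:
        raise ValueError(f"{operator} takes a single port")
    if operator == "eq":
        spans = [(port, port)]
    elif operator == "gt":
        spans = [(port + 1, MAX_PORT)]
    elif operator == "lt":
        spans = [(0, port - 1)]
    elif operator == "neq":
        spans = [(0, port - 1), (port + 1, MAX_PORT)]
    elif operator == "range":
        if port2 is None or port2 < port:
            raise ValueError("range needs beginning <= ending port")
        spans = [(port, port2)]
    else:
        raise ValueError(f"unknown operator: {operator!r}")
    # Drop empty spans produced by clauses such as "lt 0" or "gt 65535".
    return [(lo, hi) for lo, hi in spans if lo <= hi]

def clause_matches(clause, port):
    """True if the port falls inside any interval the clause selects."""
    return any(lo <= port <= hi for lo, hi in port_intervals(*clause))

def port_count(clause):
    """Number of distinct ports the clause selects."""
    return sum(hi - lo + 1 for lo, hi in port_intervals(*clause))

def exposed_ports(clause, watched):
    """Ports from a watch list that the clause selects."""
    return sorted(p for p in watched if clause_matches(clause, p))

if __name__ == "__main__":
    watched = [22, 23, 80, 443, 3389]  # constructed watch list
    for clause in [("eq", 80), ("neq", 23), ("gt", 1023), ("range", 20, 25)]:
        print(clause, port_count(clause), exposed_ports(clause, watched))
```

A clause that selects far more ports than intended, such as neq on a single port, stands out immediately in the count column.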
Table 15-3 Common ICMP Message Types and Codes

ICMP Message Type (Number)     ICMP Message Code (Number)
Echo Reply (0)                 None
Destination Unreachable (3)    • Network Unreachable (0)
                               • Host Unreachable (1)
                               • Protocol Unreachable (2)
                               • Port Unreachable (3)
                               • Fragmentation Needed (4)
                               • Source Route Failed (5)
Source Quench (4)              None
Redirect (5)                   • Network Redirect (0)
                               • Host Redirect (1)
                               • Type of Service (TOS) and Network Redirect (2)
                               • TOS and Host Redirect (3)
Echo (8)                       None
Time Exceeded (11)             • Time to Live (TTL) Exceeded (0)
                               • Fragment Reassembly Time Exceeded (1)
Parameter Problem (12)         None
Timestamp (13)                 None
Timestamp Reply (14)           None
Information Request (15)       None
Information Reply (16)         None

Note: The CLI does not accept port names in ACLs. To filter on ports by name, you must use
RoamAbout Switch Manager. For more information, see the RoamAbout Switch Manager Interface
Reference.