Command Reference Guide

ManualsBrandsHP ManualsRoutersHP 5000 Router Series

2251

3Com Router 5000 Family and Router 6000 Family rule ● 257

Command Reference

permit

Permits matched packets.

comment text

Specifies a comment for each rule.

protocol

Protocol type over IP expressed by name or number.

The number range is from 0 to 255, and the name

range covers gre, icmp, igmp, ip, ipinip, ospf, tcp and

udp.

source

Optional, specify source address information of ACL

rule. If it is not configured, it indicates that any source

address of the packets matches.

sour-addr

Source IP address of packets in dotted decimal format.

Or use "any" to represent the source address 0.0.0.0

with the wildcard 255.255.255.255.

sour-wildcard

Source address wildcard in dotted decimal format.

Inputting “0” indicates that the wildcard is 0.0.0.0. It

represents a host with the address specified by

parameter

sour-addr.

destination

Optional, specify destination address information of

ACL rule. If it is not configured, it indicates that any

destination address of the packets matches.

dest-addr

Destination IP address of packets in dotted decimal

format. Or use "any" to represent the destination

address 0.0.0.0 with the wildcard 255.255.255.255.

dest-wildcard

Destination address wildcard in dotted decimal format.

Inputting “0” indicates that the wildcard is 0.0.0.0. It

represents a host with the address specified by

parameter

dest-addr.

icmp-type

Optional, specify ICMP packet type and ICMP message

code, only valid when packet protocol is ICMP. If it is

not configured, it indicates any ICMP packet matches.

icmp-type

ICMP packet can be filtered according to ICMP

message type. It is a number ranging from 0 to 255.

icmp-code

ICMP packets that can be filtered according to ICMP

message type can also be filtered according to

message code. It is a number ranging from 0 to 255.

icmp-message

ICMP packets can be filtered according to ICMP

message type or ICMP message code.

source-port

Optional, specify source port information of UDP or

TCP packets, valid only when the protocol specified by

the rule is TCP or UDP. If it is not specified, it indicates

that any source port information of TCP/UDP packets

matches.

destination-port

Optional, specify destination port information of UDP

or TCP packets, valid only when the protocol specified

by the rule is TCP or UDP. If it is not specified, it

indicates that any destination port information of

TCP/UDP packets matches.

operator

Optional, comparison between port number of source

or destination address. Their names and meanings are

as follows: lt (lower than), gt (greater than), eq (equal