User manual

Motorola RF Switch CLI Reference Guide

14-20

14.1.8 permit



Extended ACL Config Commands

Permits specific packets.

Supported in the following platforms:

• RFS7000

• RFS6000

Syntax

permit[icmp|ip|tcp|upd]

permit icmp [<source-IP/Mask>|any|host <ip>] [<dest-IP/

Mask>|any|host <IP>] {<ICMP-type> {<ICMP-code>}} {log}

{rule-precedence <1-5000>]}

permit ip [<source-IP/Mask>|any|host <IP>] [<dest-IP/

mask>|any|host <IP>] {log} {rule-precedence <1-5000>}

permit [tcp|udp] [<source-ip/mask>|any|host <IP>] {eq

<source-port>|range <starting-source-port> <ending-source-

port>} [<dest-IP/Mask|any|host <IP>] {eq <source-port>}

{range <starting-source-port> <ending-source-port>} {log}

{rule-precedence <1-5000>}

NOTE: ACLs do not allow DHCP messages to flow by default. Configure

an Access Control Entry (ACE) to allow DHCP messages to flow through.

RFSwitch(config-ext-nacl)#permit ip xxx.xxx.xxx.xxx/

x 192.168.2.0/24

RFSwitch(config-ext-nacl)#permit ip any host

xxx.xxx.xxx.xxx

RFSwitch(config-ext-nacl)#