Hub/Switch Reference Guide

Security ACL Commands 465
Nortel WLAN—Security Switch 2300 Series Command Line Reference
By UDP packets
set security acl ip acl-name {permit [cos cos] | deny} udp
    {source-ip-addr mask | any [operator port [port2]]}
    {destination-ip-addr mask | any [operator port [port2]]}
    [[precedence precedence][tos tos] | [dscp codepoint]]
    [before editbuffer-index | modify editbuffer-index] [hits]

acl-name    Security ACL name. ACL names must be unique within the WSS
            switch, must start with a letter, and are case-insensitive.
            Specify an ACL name of up to 32 of the following characters:
                Letters a through z and A through Z
                Numbers 0 through 9
                Hyphen (-), underscore (_), and period (.)
            Nortel recommends that you do not use the same name with
            different capitalizations for ACLs. For example, do not
            configure two separate ACLs with the names acl_123 and ACL_123.
            Note: In an ACL name, do not include the term all,
            default-action, map, help, or editbuffer.

permit      Allows traffic that matches the conditions in the ACE.

cos cos     For permitted packets, a class-of-service (CoS) level for
            packet handling. Specify a value from 0 through 7:
                1 or 2—Background. Packets are queued in AP forwarding
                queue 4.
                0 or 3—Best effort. Packets are queued in AP forwarding
                queue 3.
                4 or 5—Video. Packets are queued in AP forwarding queue 2.
                Use CoS level 4 or 5 for voice over IP (VoIP) packets
                other than SpectraLink Voice Priority (SVP).
                6 or 7—Voice. Packets are queued in AP forwarding queue 1.
                Use 6 or 7 only for VoIP phones that use SVP, not for
                other types of traffic.

deny        Blocks traffic that matches the conditions in the ACE.
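
The naming and CoS rules above can be checked before a change is pushed to a switch. The following Python sketch is an added example, not part of the Nortel reference: it lints the acl-name and cos fields of planned "set security acl ip" lines. The function names and the sample commands are constructed for illustration, and reading "do not include the term" as a case-insensitive substring match is an assumption.

```python
import re

# Rules taken from the acl-name and cos descriptions above.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9._-]{0,31}\Z")
RESERVED = ("all", "default-action", "map", "help", "editbuffer")
# CoS level -> AP forwarding queue, as listed under "cos cos".
COS_QUEUE = {1: 4, 2: 4, 0: 3, 3: 3, 4: 2, 5: 2, 6: 1, 7: 1}
# Constructed sample input (not from the reference guide).
SAMPLE = [
    "set security acl ip acl_123 permit cos 6 udp any any",
    "set security acl ip ACL_123 deny udp any any",
    "set security acl ip 9guest deny udp any any",
    "set security acl ip voice.map permit cos 8 udp any any",
]


def check_acl_name(name, existing=()):
    """Return a list of problems with a proposed ACL name (empty if fine)."""
    problems = []
    if not NAME_RE.match(name):
        problems.append("must start with a letter; 1-32 chars from a-z A-Z 0-9 - _ .")
    low = name.lower()
    # Assumption: "do not include the term" is read as a substring match.
    problems += [f"contains reserved term '{t}'" for t in RESERVED if t in low]
    # Names are case-insensitive; an exact repeat is just another ACE in the same ACL.
    clash = [e for e in existing if e.lower() == low and e != name]
    problems += [f"differs only in case from '{e}'" for e in clash]
    return problems


def lint_commands(lines):
    """Check the acl-name and cos fields; return {line number: [problems]}."""
    seen, report = [], {}
    for n, line in enumerate(lines, 1):
        tok = line.split()
        if tok[:4] != ["set", "security", "acl", "ip"] or len(tok) < 6:
            continue
        name, action = tok[4], tok[5]
        problems = check_acl_name(name, seen)
        if action == "permit" and len(tok) > 7 and tok[6] == "cos":
            if not tok[7].isdigit() or int(tok[7]) not in COS_QUEUE:
                problems.append(f"cos '{tok[7]}' is outside 0 through 7")
        elif action not in ("permit", "deny"):
            problems.append(f"action '{action}' is not permit or deny")
        if problems:
            report[n] = problems
        seen.append(name)
    return report
```

Calling lint_commands(SAMPLE) flags lines 2, 3 and 4 of the constructed sample. The substring reading of the reserved terms is deliberately strict, so a name such as firewall is also reported.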