Specifications
set security acl
Chapter 14
Security ACL Commands
463
operator port [port2] Operand and port number(s) for matching TCP or UDP
packets to the number of the source or destination port
on source-ip-addr or destination-ip-addr. Specify one
of the following operands and the associated port:
• eq—Packets are filtered for only port number.
• gt—Packets are filtered for all ports that are greater
than port number.
• lt—Packets are filtered for all ports that are less
than port number.
• neq—Packets are filtered for all ports except port
number.
• range—Packets are filtered for ports in the range
between port and port2. To specify a port range,
enter two port numbers. Enter the lower port
number first, followed by the higher port number.
(For a complete list of TCP and UDP port numbers, see
www.iana.org/assignments/port-numbers.)
destination-ip-addr
mask | any
IP address and wildcard mask of the network or host to
which the packet is being sent. Specify both address
and mask in dotted decimal notation. For more
information, see “Wildcard Masks” on page 8.
To match on any address, specify any or
0.0.0.0 255.255.255.255.
type icmp-type Filters ICMP messages by type. Specify a value from 0
through 255. (For a list of ICMP message type and
code numbers, see www.iana.org/assignments/
icmp-parameters.)
code icmp-code For ICMP messages filtered by type, additionally filters
ICMP messages by code. Specify a value from 0
through 255. (For a list of ICMP message type and
code numbers, see www.iana.org/assignments/
icmp-parameters.)