4 lan ip filter, Lan ip filter, Command – FUJITSU XG Series P3NK-4452-01ENZD User Manual

XG Series User's Guide

Chapter 5 Command Reference

LAN Information Settings

186

5.5.1.4

lan ip filter

Function

Set the IP filter.

Available Model

XG0224 / XG0448 / XG2600

Syntax

lan [] ip filter acl

Options

• lan definition number

Specify a lan definition serial number with a decimal value.
The default is 0.

• Filtering definition number

Specify a definition number, which indicates a filtering priority, with a decimal value.
The specified value is sorted and renumbered in sequence. If a filtering definition with
the same value already exists, the existing one will be changed.

Set whether or not to transmit the packet to be filtered.
• pass

Transmit the relevant packet.

• reject

Block the relevant packet.

• ACL definition number

Specify the required ACL definition number with a decimal value.
If the ACL specified in is not defined, the filtering definition will be disabled
and ignored.
Use the following ACL definition for IP filter.
- ip

If the ip value is not set, the filtering definition will be disabled and ignored.

- tcp

Available only when "6" is set in of ip.
Otherwise, the set value is ignored.
If the tcp value is not set while "6" is set in of ip, each value of tcp will be
assumed to be "any".

- udp

Available only when "17" is set in of ip.
Otherwise, the set value is ignored.
If the udp value is not set while "17" is set in of ip, each value of udp is
assumed to be "any".

- icmp

Available only when "1" is set in of ip.
Otherwise, the set value is ignored.
If the icmp value is not set while "1" is set in of ip, each value of icmp will
be assumed to be "any".

Use Mode

Configuration mode (admin class)

Range

Model

0 to 511

XG0224 / XG0448

0 to 63

XG2600