beautypg.com

IBM SC30-3865-04 User Manual

Page 302

background image

set executor maximum broadcast routers 10

module access-control

circuit-specifier argument

(define only) Defines access control lists, which are used to restrict the
forwarding of packets between certain origins and destinations. Each
access list is associated with one circuit, and applies to DECnet Long
Format Data Packets received on that circuit. Access control does not apply
to any routing or hello packets.

The arguments for the circuit-specifiers include the following:

all circuits

Specifies all circuits on the router.

circuit name

Specifies the named circuit.

known circuits

Specifies all circuits on the router.

The following items are the arguments you select from after you enter the
define module access-control command and the circuit-specifier:

state on

Enables the access control list on this circuit.

state off

Disables the access control list on this circuit.

type exclusive

Specifies that any packets matching one or more of the filters in the
access control list for this interface will be dropped.

type inclusive

Specifies that only packets matching one or more of the filters in
the access control list for this interface will be forwarded.

filter [source-result source-mask dest-result dest-mask]

Adds a filter to the list for the specified circuit. The filter is added to
the end of the existing list.

The source address is masked with the source-mask, and
compared to the source-result. The same is done with the
dest-mask and dest-result. The action depends on what type of
access control is in use on the circuit.

The following items are the options you select from after you enter the
define module access-control command and the filter circuit-specifier:

source-result

Address that the source address is compared to after masking.

source-mask

Mask used for the source address.

dest-result

Address that the destination address is compared to after masking.

dest-mask

Mask used for the destination address.

Example:

define module access-control circuit eth/0 state on

DNA IV Configuration and Monitoring Commands

272

MRS V3.2 Protocol Config Ref Vol 2

See also other documents in the category IBM Hardware: