3Com Wireless LAN WX1200 User Manual

460

C

HAPTER

14: S

ECURITY

ACL C

OMMANDS

By ICMP packets

Syntax —

set security acl ip

acl-name

{permit

[cos

cos] |

deny}

icmp

{source-ip-addr

mask

destination-ip-addr

mask

[type

icmp-type] [code

icmp-code] [precedence

precedence ] [tos

tos]

[before

editbuffer-index

|

modify

editbuffer-index] [hits]

By TCP packets

Syntax —

set

security

acl

ip

acl-name

{permit

[cos

cos] |deny}

tcp

{source-ip-addr

mask

[operator

port

[port2]]

destination-ip-addr

mask

[operator

port

[port2]]}

[precedence

precedence] [tos

tos] [established] [before

editbuffer-index

|

modify

editbuffer-index] [hits]

By UDP packets

Syntax —

set

security

acl

ip

acl-name

{permit

[cos cos]

|

deny}

udp

{source-ip-addr

mask

[operator port

[port2]]

destination-ip-addr

mask

[operator port

[port2]]}

[precedence

precedence]

[tos

tos]

[before

editbuffer-index

|

modify

editbuffer-index]

[hits]

„

acl-name

— Security ACL name. ACL names must be unique within

the WX switch, must start with a letter, and are case-insensitive.
Specify an ACL name of up to 32 of the following characters:

„

Letters a through z and A through Z

„

Numbers 0 through 9

„

Hyphen (-), underscore (_), and period (.)

3Com recommends that you do not use the same name with different
capitalizations for ACLs. For example, do not configure two separate
ACLs with the names acl_123 and ACL_123.

In an ACL name, do not include the term all, default-action, map,
help, or editbuffer.

„

permit

— Allows traffic that matches the conditions in the ACE.

„

cos cos

— For permitted packets, a class-of-service (CoS) level for

packet handling. Specify a value from 0 through 7:

„

1 or 2—Background. Packets are queued in MAP forwarding
queue 4.