Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual

914

Brocade Mobility RFS Controller CLI Reference Guide

53-1003098-01

12

permit [tcp|udp] [||any|from-vlan

|host ]

[||any|eq |host

|range ] [eq [<1-65535>||

bgp|dns|ftp|ftp-data|gopher|https|ldap|nntp|ntp|pop3|sip|smtp|ssh|telnet|tftp

|www]|

range ] (log,rule-precedence <1-5000>)

{(rule-description )}

tcp

Applies this permit rule to TCP packets only

udp

Applies this deny rule to UDP packets only

This keyword is common to the ‘tcp’ and ‘udp’ parameters.
Specifies the source IP address and mask (A.B.C.D/M) to match. TCP/UDP packets received from the
specified sources are permitted.

-NAME>

This keyword is common to the ‘tcp’ and ‘udp’ parameters.
Applies a network-group alias to identify the source IP addresses. TCP/UDP packets received from the VLANs
identified here are permitted.

•

– Specify the network-group alias name (should be existing and
configured).

After specifying the source and destination IP address(es), specify the action taken in case of a match.

any

This keyword is common to the ‘tcp’ and ‘udp’ parameters.
Specifies the source as any source IP address. TCP/UDP packets received from any source are permitted.

from-vlan

This keyword is common to the ‘tcp’ and ‘udp’ parameters.
Specifies a single VLAN or a range of VLANs as the match criteria. TCP/UDP packets received from the VLANs
identified here are permitted.

•

– Specify the VLAN ID. To configure a range of VLANs, enter the start and end VLAN IDs
separated by a hyphen (for example, 12-20).

Use this option with WLANs and port ACLs.

host

Identifies a specific host (as the source to match) by its IP address. TCP/UDP packets received from the
specified host are permitted.

•

– Specify the source host’s exact IP address in the A.B.C.D format.

This keyword is common to the ‘tcp’ and ‘udp’ parameters.
Sets the destination IP address and mask (A.B.C.D/M) to match. TCP/UDP packets addressed to the
specified destinations are permitted.

any

This keyword is common to the ‘tcp’ and ‘udp’ parameters.
Specifies the destination as any destination IP address. TCP/UDP packets received from any destination are
permitted.

eq

Identifies a specific source port

•

– Specify the exact source port.

host

Identifies a specific host (as the destination to match) by its IP address. TCP/UDP packets addressed to the
specified host are permitted.

•

– Specify the destination host’s exact IP address in the A.B.C.D format.

-NAME>

This keyword is common to the ‘tcp’ and ‘udp’ parameters.
Applies a network-group alias to identify the destination IP addresses. TCP/UDP packets destined to the
addresses identified in the network-group alias are permitted.

•

– Specify the network-group alias name (should be existing and
configured).

range

Specifies a range of source ports

•

– Specify the first port in the range.

•

– Specify the last port in the range.