beautypg.com

Access-list hardware tcp udp filter) – Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

Page 879

background image

IPv4 Hardware Access Control List (ACL) Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

34.33

(access-list hardware TCP UDP filter)

Use this ACL filter to add a TCP or UDP filter entry to the current hardware access-list. The
filter will match on any TCP or UDP type packet that has the specified source and
destination IP addresses. The parameter any may be specified if an address does not
matter. If a sequence number is specified, the new filter is inserted at the specified
location. Otherwise, the new filter is added at the end of the access-list.

The no variant of this command removes a TCP or UDP filter entry from the current
hardware access-list. You can specify the TCP or UDP filter entry for removal by entering
either its sequence number (e.g. no 10), or by entering its TCP or UDP filter profile
without specifying its sequence number.

Note that the sequence number can be found by running the

show access-list (IPv4

Hardware ACLs) command on page 34.37

.

Syntax

[tcp|udp]

[<sequence-number>]

{deny|permit|send-to-cpu|copy-to-cpu|copy-to-mirror}

{tcp|udp}

[

<

source>|

eq <sourceport>|gt <sourceport>|lt <sourceport>|

ne <sourceport>|range <start-range> <end-range>]

[estination>|

eq <destport>|gt <destport>|lt <destport>|

ne <destport>|range <start-range> <end-range>]

no {deny|permit|send-to-cpu|copy-to-cpu|copy-to-mirror}

{tcp|udp}

[

<

source>|

eq <sourceport>|gt <sourceport>|lt <sourceport>|

ne <sourceport>|range <start-range> <end-range>]

[estination>|

eq <destport>|gt <destport>|lt <destport>|

ne <destport>|range <start-range> <end-range>]

no <sequence-number>

Parameter

Description

<sequence-number>

<1-65535>
The sequence number for the filter entry of the
selected access control list.

deny

Access-list rejects packets that match the source and
destination filtering specified with this command.

permit

Access-list permits packets that match the source and
destination filtering specified with this command.

send-to-cpu

Specify packets to send to the CPU.

copy-to-cpu

Specify packets to copy to the CPU.

copy-to-mirror

Specify packets to copy to the mirror port.

tcp

TCP packets.

udp

UDP packets.

See also other documents in the category Allied Telesis Computer hardware: