Allied Telesis AT-8100 Series User Manual

Chapter 99: ACL Commands

1586

lt

Matches packets that are less than the TCP port number specified
by the SRC_TCP_PORT or DST_TCP_PORT parameter.

gt

Matches packets that are greater than the TCP port number
specified by the SRC_TCP_PORT or DST_TCP_PORT
parameter.

ne

Matches packets that are not equal to the TCP port number
specified by the SRC_TCP_PORT or DST_TCP_PORT
parameter.

range

Matches packets with TCP port numbers within the range.
Separate the numbers of the range by a space, for instance:

range 4 10

src_tcp_port

Specifies the source TCP port number. The range is 0 to 65535.
Omit this parameter if you are entering a range of TCP port
numbers.

dst_ipaddress

Specifies the destination IP address of the ingress packets the
access list should filter. Here are the possible options:

any: Matches any IP address.

ipaddress/mask: Matches packets that have a destination IP
address of a specific subnet or end node.

host ipaddress: Matches packets with a destination IP address
of a specific end node. The HOST keyword indicates that the
address is of a specific end node and that no mask is required.

dst_tcp_port

Specifies the destination TCP port number. The range is 0 to
65535. Omit this parameter if you are entering a range of port
numbers.

vlan

Indicates a VLAN identifier. Specify a VLAN if you want the ACL to
filter tagged packets. Omit a VLAN if you want the ACL to filter
untagged packets. Specify a value between 1 and 4094. You can
enter only one VID.