beautypg.com

Brocade Communications Systems RFS6000 User Manual

Page 832

background image

830

Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide

53-1001931-01

AAP IP Filter config commands

27

Parameters

permit [all|icmp|tcp|udp]
[any|src-start-ip
srcend-ip ]
[any|dst-startip
dst-end-ip ]
[all|dst-start-port
<1-65535> dst-end-port
<1-65535>] rule <1-20>

Use with a permit command to allow IP packets

permit all - Permits all the protocols

permit icmp - Specifies ICMP as the protocol

permit [tcp|udp] - Specifies TCP or UDP as the protocol

The following parameters are common to all the protocols:

[any|src-start-ip src-end-ip ]- any is an
abbreviation for a source IP of 0.0.0.0 and end IP
255.255.255.255.

src-start-ip - The keyword is the
source IP address of the network. For example,
10.1.1.10/24 indicates the first 24 bits of the source IP
is used for matching

src-end-ip - The keyword is the source
end IP address of the network.

[any|dst-start-ip dst-end-ip ] - any is an
abbreviation for a destination start / end IP of the network.

dst-start-ip - Defines the destination start IP
address

dst-end-ip - Defines the destination end IP address

[all|dst-start-port <1-65535> dst-end-port <1-65535>] -
Accepts all the packets.

dst-start-port <1-65535> - Defines the destination start
port

dst-end-port <1-65535> - Defines the destination end
port

rule <1-20> - Define an integer value between 1 and 20. This
value sets the rule precedence on the AAP.

permit protocol <1-254>
[any|src-start-ip
srcend-ip ]
[any|dst-startip
dst-end-ip ]
[all|dst-start-port
<1-65535> dst-end-port
<1-65535>] rule <1-20>

Permits protocols between 1 and 254.

[any|src-start-ip src-end-ip ]- any is an abbreviation
for a source IP of 0.0.0.0 and end IP 255.255.255.255

src-start-ip - The keyword is the
source IP address of the network. For example,
10.1.1.10/24 indicates the first 24 bits of the source IP
is used for matching

src-end-ip - The keyword is the source
end IP address of the network

[any|dst-start-ip dst-end-ip ] - any is an
abbreviation for a destination start / end IP of the network.

dst-start-ip - Defines the destination start IP
address

dst-end-ip - Defines the destination end IP address

[all|dst-start-port <1-65535> dst-end-port <1-65535>] -
Permits all the packets

dst-start-port <1-65535> - Defines the destination start
port

dst-end-port <1-65535> - Defines the destination end
port

rule <1-20> - Define an integer value between 1 and 20. This
value sets the rule precedence on the AAP

This manual is related to the following products:
See also other documents in the category Brocade Communications Systems Hardware: