Support User Manuals

3Com 4500 26-PORT Switch User Manual

Open as PDF

of 466

188 CHAPTER 8: USING QOS/ACL COMMANDS

undo rule rule-id

View

Corresponding ACL View

Parameter

rule-id: Specifies the subitems of an ACL, ranging from 0 to 65534.

permit: Permits packets that meet the requirements.

deny: Denies packets that meet the requirements.

The following parameters are various property parameters carried by packets. The

ACL sets rules according to this parameter.

Parameters specific to basic ACLs:

source { source-addr wildcard | any }: source-addr wildcard represents

the source IP address and the wildcard digit represented in dotted decimal

notation.

any represents all source addresses.

fragment: Means this rule is only effective fragment packets and is ignored for

non-fragment packets.

Parameters specific to advanced ACLs:

protocol: Specifies the protocol type which is represented by a name or a

number. When it is a name, this parameter can be adopted like: icmp, igmp, tcp,

udp, ip, gre, ospf, ipinip, etc. If the adopted value is IP, that means all the Internet

Protocols. When it is a number: it ranges from 1 to 225.

source { source-addr wildcard | any }: source-addr wildcard means the

source IP address and the wildcard digit represented in dotted decimal notation.

any means all source addresses.

destination { dest-addr wildcard | any }: dest-addr wildcard means the

destination IP address and the wildcard digit represented in dotted decimal

notation.

any means all destination addresses.

source-port operator port1 [port2]: Source port number of TCP or UDP used

by the packet.

operator is port operator, including eq (equal), gt (greater than), lt

(less than),neq (not-equal), range (within this range). Note that this parameter is

only available when the parameter protocol is TCP or UDP. port1 [port2]: Source

port number of TCP or UDP used by the packet, notated by a character or a

number which ranges from 0 to 65535 inclusive. For the value of the character,

please refer to mnemonic symbol table. The two parameters port1 and port2

appear at the same time only when the operator is “range”, but other operators

need “port1” only.

destination-port operator port1 [port2]: Destination port number of TCP or

UDP used by packets. For detailed description, please refer to

source-port

operator port1 [port2].

icmp-type type code: Appears when protocol is icmp. type code specifies an

ICMP packet.

type represents the type of ICMP packet, notated by a character or

previous next