ADC Telecommunications, Inc.
334 C
HAPTER 15: IP PACKET FILTERING
The following table provides a quick reference to access list command
arguments. For more information, see the Cuda 12000 IP Access Switch CLI
Reference Guide.
Table 15-1 Access List Command Arguments
Argument Description
list number Index number that identifies this list. Valid range:
1–65535.
rule number Number identifying the precedence of this access list.
Smaller rule numbers result in greater precedence. This
means that an access list with a lesser rule number is
applied against the interface first.
source ip address IP address seen in the source IP address field of the
protocol header. A value of any acts as a wildcard.
source ip mask Source IP address network mask, if you specified a
specified address.
destination ip
address
IP address seen in the destination IP address field of the
protocol header. A value of any acts as a wildcard.
destination ip mask Destination IP address network mask, if you specified a
specific address.
host Host address if filtering on a specific IP host.
operator Operand used to compare source and destination ports.
You can use the following operands:
■ lt (less than)
■ gt (greater than)
■ eq (equal)
■ range (inclusive range)
port TCP or UDP port number. Valid range: 0–65535.
established For TCP protocol only. Indicates an established TCP
connection. Match occurs when the ACK or RST bits of
a TCP datagram are set.
tos Type of Service level identified in the IP packet header.
Valid Range 0 – 15.
tos-mask Type of Service mask.