Allied Telesis AT-9000/12POE Switch User Manual


Chapter 73: Advanced Access Control Lists (ACLs)
The SRC_IPADDRESS and DST_IPADDRESS parameters specify the
source and destination IPv4 addresses. Choose from the following
options:
any - Matches any IPv4 address.
ipaddress/mask - Matches packets that have an IPv4 address of a
subnet or an end node. The mask is a decimal number that
represents the number of bits in the address, from left to right, that
constitute the network portion of the address. For example, the
subnet address 149.11.11.0/24 has a mask of “24” for the first
twenty-four bits of the network portion of the address. The IPv4
address and the mask are separated by a slash (/); for example,
“149.11.11.0/24.”
host ipaddress - Matches packets with a specified IPv4 address
and is an alternative to the IPADDRESS/MASK variable for
addresses of end nodes. The HOST keyword indicates that the
IPv4 address is assigned to a specific end node and that no mask
is required.
The eq parameter matches packets whose TCP port number is equal to the
number specified by the SRC_TCP_PORT or DST_TCP_PORT parameter.
The lt parameter matches packets whose TCP port number is less than the
number specified by the SRC_TCP_PORT or DST_TCP_PORT parameter.
The gt parameter matches packets whose TCP port number is greater than
the number specified by the SRC_TCP_PORT or DST_TCP_PORT
parameter.
The ne parameter matches packets whose TCP port number is not equal to
the number specified by the SRC_TCP_PORT or DST_TCP_PORT
parameter.
The range parameter matches packets with TCP port numbers within the
range. Separate the numbers of the range by a space. For instance:
range 4 10
The src_tcp_port parameter specifies the source TCP port number. The
range is 0 to 65535. Omit this parameter to match any TCP port number
within the 0 to 65535 range.
The dst_tcp_port parameter specifies the destination TCP port number.
The range is 0 to 65535. Omit this parameter to match any TCP port
number within the 0 to 65535 range.
The VLAN parameter determines if an ACL filters VLANs. You use the
parameter to specify the VID. You can specify one VID per command. If
you omit this parameter, the ACL applies to all traffic. In other words, no
filtering is done by the ACL based on the VLAN.
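
The following Python model is an added example, not part of the manual or the switch software. It evaluates one ACL entry against one TCP packet using the address forms, port operators and VLAN rule described above, which is a convenient way to check what an entry will and will not match before applying it. The dictionary keys, function names and sample addresses are hypothetical, and the range endpoints are assumed to be inclusive.

```python
import ipaddress

def addr_matches(spec, addr):
    """spec: 'any', 'host A.B.C.D' or 'A.B.C.D/mask', as listed above."""
    ip = ipaddress.ip_address(addr)
    if spec == "any":
        return True
    if spec.startswith("host "):
        return ip == ipaddress.ip_address(spec.split()[1])
    # strict=False accepts an address written with host bits set
    return ip in ipaddress.ip_network(spec, strict=False)

def port_matches(spec, port):
    """spec: None (parameter omitted) or 'eq N', 'lt N', 'gt N', 'ne N', 'range A B'."""
    if spec is None:
        return True  # omitted parameter matches any port, 0 to 65535
    op, *nums = spec.split()
    nums = [int(n) for n in nums]
    if len(nums) != (2 if op == "range" else 1) or any(not 0 <= n <= 65535 for n in nums):
        raise ValueError(f"bad port specification: {spec!r}")
    if op == "eq":
        return port == nums[0]
    if op == "lt":
        return port < nums[0]
    if op == "gt":
        return port > nums[0]
    if op == "ne":
        return port != nums[0]
    if op == "range":
        return nums[0] <= port <= nums[1]  # ASSUMPTION: both endpoints included
    raise ValueError(f"unknown operator: {op!r}")

def entry_matches(entry, pkt):
    """True when a TCP packet satisfies every parameter of the entry."""
    return (addr_matches(entry["src"], pkt["src"])
            and addr_matches(entry["dst"], pkt["dst"])
            and port_matches(entry.get("src_port"), pkt["sport"])
            and port_matches(entry.get("dst_port"), pkt["dport"])
            and entry.get("vlan") in (None, pkt["vlan"]))  # no VID: all traffic

# Constructed sample entry and packet (addresses and VID are illustrative)
ENTRY = {"src": "149.11.11.0/24", "dst": "host 10.0.0.5",
         "dst_port": "range 4 10", "vlan": 12}
PKT = {"src": "149.11.11.77", "dst": "10.0.0.5", "sport": 40000, "dport": 7, "vlan": 12}

if __name__ == "__main__":
    print(entry_matches(ENTRY, PKT))
    print(entry_matches(ENTRY, dict(PKT, dport=11)))
```

Note that ne and lt match far more ports than eq does, and that an entry with no port or VLAN parameter matches every port and every VLAN.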