Filter
Top Products
permit
Configure a permit rule. A permit rule excludes the matching packets from PBR classification and routes
them using conventional routing.
S4820T
Syntax
permit {ip-protocol-number | protocol-type} {source mask | any
| host ip-address} {destination mask | any | host ip-address}
[bit] [operators]
To remove the rule, use one of the following:
• If you know the filter sequence number, use the no seq sequence-number
syntax command.
• You can also use the no permit {ip-protocol-number | protocol-
type} {source mask | any | host ip-address} {destination
mask | any | host ip-address} [bit] [operators] command.
Parameters
ip-protocol-
number
Enter a number from 0 to 255 for the protocol identified in
the IP protocol header.
protocol-type Enter one of the following keywords as the protocol type:
• icmp for internet control message protocol
• ip for any internet protocol
• tcp for transmission control protocol
• udp for user datagram protocol
source Enter the IP address of the network or host from which the
packets were sent.
mask Enter a network mask in /prefix format (/x).
any Enter the keyword any to specify that all traffic is subject to
the filter.
host ip-address Enter the keyword host then he IP address to specify a host
IP address.
destination Enter the IP address of the network or host to which the
packets are sent.
bit (OPTIONAL) For the TCP protocol type only, enter one or a
combination of the following TCP flags:
• ack = acknowledgement
• fin = finish (no more data from the user)
• psh = push function
• rst = reset the connection
• syn = synchronize sequence number
Policy-based Routing (PBR)
1383