Filter
Top Products
114 Summit 300-48 Switch Software User Guide
Access Policies
create access-mask <access-mask name>
{dest-mac}
{source-mac}
{vlan }
{ethertype}
{tos | code-point}
{ipprotocol}
{dest-ip /<mask length>} {dest-L4port}
{source-ip /<mask length>}
{source-L4port | {icmp-type} {icmp-code}}
{permit-established}
{egressport}
{ports}
{precedence <number>}
Creates an access mask. The mask specifes
which packet fields to examine. Options include:
• <acess-mask name> — Specifies the
access mask name. The access mask name
can be between 1 and 31 characters.
• dest-mac — Specifies the destination MAC
address field.
• source-mac — Specifies the source MAC
address field.
• vlan — Specifies the VLANid field.
• ethertype — Specifies the Ethertype field.
• tos — Specifies the IP precedence field.
• code-point — Specifies the DiffServ code
point field.
• ipprotocol — Specifies the IP protocol
field.
• dest-ip — Specifies the IP destination field
and subnet mask. You must supply the
subnet mask.
• dest-L4port — Specifies the destination
port field.
• source-ip — Specifies the IP source
address field and subnet mask. You must
supply the subnet mask.
• source-L4port — Specifies the source
port field.
• icmp-type — Specify the ICMP type field.
• icmp-code — Specify the ICMP code field.
• permit-established — Specifies the TCP
SYN/ACK bit fields.
• egressport — Specify the egress port
• ports — Specifies the ingress port(s) on
which this rule is applied.
• precedence — Specifies the access mask
precedence number. The range is 1 to
25,600.
Table 39: Access Control List Configuration Commands (continued)
Command Description