Filter
Top Products
C. Router CLI Commands, Codes, and Designations
9128-A2-GB20-80 September 2002
C-21
For Extended IP Access Lists:
(continued)
src-port
– Specify a TCP or UDP port number to be filtered. Valid if the protocol specified
is tcp or udp. Refer to Table C-16, TCP Port Designations, and Table C-17, UDP Port
Designations. Valid port number range is 0–65535.
src-end-port
– Specifies last TCP or UDP port number in a range of port numbers to be
filtered. Valid if the protocol specified is tcp or udp and if src-operator value
is range. Refer
to Table C-16, TCP Port Designations, and Table C-17, UDP Port Designations. Valid port
number range is 0–65535.
dest-operator
– Specifies how the destination port is evaluated. This argument may only
be specified if the protocol specified is tcp or udp. Valid values are:
eq – Match only packets with a port number equal to the destination port number.
gt – Match only packets with a port number greater than the destination port number.
lt – Match only packets with a port number less than the destination port number.
neq – Match only packets with a port number not equal to the destination port number.
range – Match only packets in the range of port numbers specified by dest-port and
dest-end-port. If range is specified, enter both a dest-port and dest-end-port.
dest-port
– Specifies a specific TCP or UDP port number to be filtered. This option only
applies to a protocol of tcp or udp. Many of the valid TCP and UDP ports are described in
Table C-16, TCP Port Designations, and Table C-17, UDP Port Designations. Valid TCP
or UDP port number range is 0–65535.
dest-end-port
– Specifies last TCP or UDP port number in a range of port numbers to be
filtered. This option only applies to a protocol of tcp or udp with
dest-operator set to range.
Many of the valid TCP and UDP ports are described in Table C-16, TCP Port
Designations, and Table C-17, UDP Port Designations. Valid TCP or UDP port number
range is 0–65535.
For Protocol Type Access Lists:
Example:
access-list 200 permit 0x200 range 0x210
type-code
– Specifies the 16-bit hexadecimal number written with a leading “0x” that
specifies either an Ethernet type code or the first Ethernet type code in a range of
Ethernet type codes to filter. If a user attempts to a type code that is not a 16-bit
hexadecimal number written with a leading “0x”, it will be treated as a syntax error. Many
of the Ethernet Type codes distributed by the Xerox Corporation are listed in Table C-14,
Ethernet Type Codes (Hex). This option only applies to protocol type-code access lists.
range
– Specifies a range of ether-type codes. This option only applies to protocol
type-code access lists.
end-type-code
– The last ethernet type code included in the filter range. A 16-bit
hexadecimal number written with a leading “0x” used to specify one of the Ethernet
type codes. This option only applies for protocol type-code access lists.
Table C-11. Filter Commands (3 of 4)