Company Address: Flat 6, Bldg 4,South 2 of Honghualing Industrial Zone,Liuxian Road, Xili Town, Shenzhen, Guangdong, China(518055)
Tel: +86-755-26014509/4710/4711 Fax:+86-755-26014506
Website: www.cdatatec.com
56
reference for packet filtering rules. Or you can used with QoS policyfor a particular message
service quality assurance.
no rule :
This command is used to delete or modify the ACL rules.
【
Example
】
In the worktime period, specified port 1 can only receive message from IP address for 10.10.10.2.
OLT(config)#
time
‐
range
worktime
8:00
to
18:00
working
‐
day
OLT(config)#
acl
2000
OLT(acl
‐
basic
‐
2000)#
rule
2
permit
source
10.10.10.2
0.0.0.0
time
‐
range
working
‐
day
OLT(acl
‐
basic
‐
2000)#
rule
1deny
source
any
time
‐
range
working
‐
day
OLT(acl
‐
basic
‐
2000)#
exit
OLT(config)#
packet
‐
filter
inbound
2000
port
ge
1
11.4rule
(adv
acl)
【
Command
】
When protocol is TCP ,
the com
mand format based on the IPv4 as follow
rule
rule-id
(permit | deny) tcp [ [soure
(
ip-address sour-wildcard
|
any
)] |
[
destination
(
ip-address sour-wildcard
|
any
)] | [
src-port port-list | dest-portport-list
]
|
[
precedence procedence-value ] | [dscp dscp-value
]
|
[
time-rangetime-range-name
]]
When protocol is UDP ,
the com
mand format based on the IPv4 as follow:
rule
rule-id
(permit | deny) udp [ [soure
(
ip-address sour-wildcard
|
any
)] |
[
destination
(
ip-address sour-wildcard
|
any
)] | [
src-port port-list | dest-portport-list
]
|
[
precedence procedence-value ] | [dscp dscp-value
]
|
[
time-rangetime-range-name
]]
When protocol is IP,
the com
mand format based on the IPv4 as follow:
rule
rule-id
(permit | deny) ip [ [soure
(
ip-address sour-wildcard
|
any
)] |
[
destination
(
ip-address sour-wildcard
|
any
)] | [
src-port port-list | dest-portport-list
]
|
[
precedence procedence-value ] | [dscp dscp-value
]
|
[
time-rangetime-range-name
]]
When protocol is ipinip ,
the com
mand format based on the IPv4 as follow :
rule
rule-id
(permit | deny) ipinip [ [soure
(
ip-address sour-wildcard
|
any
)] |
[
destination
(
ip-address sour-wildcard
|
any
)] | [
src-port port-list | dest-portport-list
]
|
[
precedence procedence-value ] | [dscp dscp-value
]
|
[
time-rangetime-range-name
]]
When protocol is icmp ,
the com
mand format based on the IPv4 as follow
rule
rule-id
(permit | deny) icmp [ [soure
(
ip-address sour-wildcard
|
any
)] |
[
destination
(
ip-address sour-wildcard
|
any
)] |
|
[
precedence procedence-value ] | [dscp
dscp-value
]
|
[
time-rangetime-range-name
]]
When protocol is other agreement except the TCP, UDP, ICMP, the command format based on the IPv4
as follow:
rule
rule-id
(permit | deny) protocol [ [soure
(
ip-address sour-wildcard
|
any
)] |