DXS-3600 Series 10GbE Layer 2/3 Switch CLI Reference Guide
26
3-10 permit | deny (expert access-list)
Use the
permit
command to add a permit entry. Use the
deny
command to add a deny entry. Use the no command to
remove an entry.
Extended expert ACL:
[
sn
] {permit | deny} [
ethernet-type
] [[cos
out
[inner
in
]] | [vlan
out
[inner
in
]]] {
source source-wildcard
| host
source
| any} {
source-mac-address mask
| host
source-mac-address
| any} {
destination destination-wildcard
|
host
destination
| any} {
destination-mac-address mask
| host
destination-mac-address
| any} [time-range
time-range-name
]
[
sn
] {permit | deny}
protocol
[vlan
out
[inner
in
]] {
source source-wildcard
| host
source
| any} {
source-mac-
address mask
| host
source-mac-address
| any} {
destination destination-wildcard
| host
destination
| any}
{
destination-mac-address mask
| host
destination-mac-address
| any} [precedence
precedence
] [tos
tos
]
[
fragments
] [time-range
time-range-name
]
Extended expert ACLs of some important protocols:
[
sn
] {permit | deny} tcp [vlan
out
[inner
in
]] {
source source-wildcard
| host
source
| any} {
source-mac-address
mask
| host
source-mac-address
| any} [
operator port
]] {
destination destination-wildcard
| host
destination
|
any} {
destination-mac-address mask
| host
destination-mac-address
| any} [
operator port
] [precedence
precedence
] [tos
tos
] [
fragments
] [time-range
time-range-name
] [
tcp-flag
]
[
sn
] {permit | deny} udp [vlan
out
[inner
in
]] {
source source-wildcard
| host
source
| any} {
source-mac-address
mask
| host
source-mac-address
| any} [
operator port
] {
destination destination-wildcard
| host
destination
|
any} {
destination-mac-address mask
| host
destination-mac-address
| any} [
operator port
] [precedence
precedence
] [tos
tos
] [
fragments
] [time-range
time-range-name
]
[
sn
] {permit | deny} icmp [vlan
out
[inner
in
]] {
source source-wildcard
| host
source
| any} {
source-mac-address
mask
| host
source-mac-address
| any} {
destination destination-wildcard
| host
destination
| any} {
destination-
mac-address mask
| host
destination-mac-address
| any} [
icmp-type
] [[
icmp-type
[
icmp-code
]] | [
icmp-
message
]] [precedence
precedence
] [tos
tos
] [
fragments
] [time-range
time-range-name
]
no
sn
Parameters
sn
(Optional) Specifies the ACE sequence number. This number must be between 1
and 65535.
source
Specifies the source IP address.
source-wildcard
Applies wildcard bits to the source.
host
source
Specifies a specific source IP address.
any
Means any source or destination IP or MAC address.
destination
Specifies the destination IP address.
destination-wildcard
Applies wildcard bits to the destination.
host
destination
Specifies a specific destination IP address.
source-mac-address
Specifies the source MAC address.
destination-mac-address
Specifies the destination MAC address.
mask
Specifies the MAC address mask.
vlan
out
(Optional) Specifies the outer VID used. This value must be between 1 and 4094.
vlan inner
in
(Optional) Specifies the inner VID used. This value must be between 1 and 4094.
cos
out
(Optional) Specifies the outer priority value. This value must be betwee 0 and 7.
cos inner
in
(Optional) Specifies the inner priority value. This value must be between 0 and 7.
ethernet-type
(Optional) Specifies the Ethernet type as a pair of hexadecimal numbers and mask
(from 0x0 to 0xFFFF) or the name of an Ethernet type. Names that can be used are
'arp', 'aarp', 'appletalk', 'decnet-iv', 'etype-6000', 'etype-8042', 'lat', 'lavc-sca', 'mop-
console', 'mop-dump', 'vines-echo', 'vines-ip', 'xns-idp'.
Содержание DXS-3600-16S
Страница 1: ...CLI Reference Guide Product Model DXS 3600 Series Layer 2 3 Managed 10GbE Switch Release 1 10 ...
Страница 232: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 224 ...
Страница 301: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 293 ...
Страница 349: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 341 ...
Страница 494: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 486 ...
Страница 564: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 556 ...
Страница 649: ...DXS 3600 Series 10GbE Layer 2 3 Switch CLI Reference Guide 641 ...