Chapter 4: CLI Management
CLI Management - Security
NGSME24G4S User Manual | 329
'any'
<dport> : Destination UDP/TCP port range (0-65535)
or 'any'
tcp : TCP keyword
<tcp_flags> : TCP flags: fin|syn|rst|psh|ack|urg [0|1|any]
permit : Permit forwarding (default)
deny : Deny forwarding
<rate_limiter> : Rate limiter number (1-15) or 'disable'
<port_redirect> : Port list for copy of frames or 'disable'
<mirror> : Mirror of frames: enable|disable
<logging> : System logging of frames: log|log_disable
<shutdown> : Shut down ingress port: shut|shut_disable
Example:
Add one ACE:
Security/Network/ACL>add 2 port 6-10 policy 3 8 ip
ACE ID 2 added last
Edit one ACE:
Security/Network/ACL>add 1 port 1-5 policy 2 8 any
ACE ID 1 modified last
Result:
ID Type Port Policy Frame Action Rate L. Port C. Mirror Counter
-- ------- -------- -------- ----- ------ -------- -------- -------- -------
1 User 1-5 2 /0x8 Any Permit Disabled Disabled Disabled 0
2 User 6-10 3 /0x8 IP Permit Disabled Disabled Disabled 0
DHCP
DHCP Snooping
Syntax:
Security Network DHCP Snooping Mode [enable|disable]
Security Network DHCP Snooping Port Mode [<port_list>]
[trusted|untrusted]
Security Network DHCP Snooping Statistics [<port_list>]
[clear]
Example:
