6. Access Control List (ACL) Commands
52
create access_profile profile_id <value 1-6> profile_name <name 1-32> [ethernet {vlan {<hex 0x0-
0x0fff>} | source_mac <macmask 000000000000-ffffffffffff> | destination_mac <macmask
000000000000-ffffffffffff> | 802.1p | ethernet_type}(1) | ip {vlan {<hex 0x0-0x0fff>} |
source_ip_mask <netmask> | destination_ip_mask <netmask> | dscp | [icmp {type | code} |
igmp {type} | tcp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff> |
flag_mask [all | {urg | ack | psh | rst | syn | fin}]} | udp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-0xffff>} | protocol_id_mask <hex 0x0-0xff> {user_define_mask <hex
0x0-0xffffffff>}]}(1) | packet_content_mask {offset_chunk_1 <value 0-31> <hex 0x0-
0xffffffff> | offset_chunk_2 <value 0-31> <hex 0x0-0xffffffff> | offset_chunk_3 <value 0-31>
<hex 0x0-0xffffffff> | offset_chunk_4 <value 0-31> <hex 0x0-0xffffffff>}(1) | ipv6 {class |
flowlabel | source_ipv6_mask <ipv6mask> | destination_ipv6_mask <ipv6mask> | [tcp
{src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>} | udp {src_port_mask
<hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>} | icmp {type | code}]}(1)]
delete access_profile [profile_id <value 1-6> | profile_name <name 1-32> | all]
config access_profile [profile_id <value 1-6> | profile_name <name 1-32>] [add access_id
[auto_assign | <value 1-256>] [ethernet {[vlan <vlan_name 32> | vlan_id <vlanid 1-4094>]
{mask <hex 0x0-0x0fff>} | source_mac <macaddr> {mask <macmask>} | destination_mac
<macaddr> {mask <macmask>} | 802.1p <value 0-7> | ethernet_type <hex 0x0-0xffff>}(1) |
ip {[vlan <vlan_name 32> | vlan_id <vlanid 1-4094>] {mask <hex 0x0-0x0fff>} | source_ip
<ipaddr> {mask <netmask>} | destination_ip <ipaddr> {mask <netmask>} | dscp <value 0-
63> | [icmp {type <value 0-255> | code <value 0-255>} | igmp {type <value 0-255>} | tcp
{src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port <value 0-65535> {mask <hex
0x0-0xffff>} | flag [all | {urg | ack | psh | rst | syn | fin}]} | udp {src_port <value 0-65535>
{mask <hex 0x0-0xffff>} | dst_port <value 0-65535> {mask <hex 0x0-0xffff>}} | protocol_id
<value 0-255> {user_define <hex 0x0-0xffffffff> {mask <hex 0x0-0xffffffff>}}]}(1) |
packet_content {offset_chunk_1 <hex 0x0-0xffffffff> {mask <hex 0x0-0xffffffff>} |
offset_chunk_2 <hex 0x0-0xffffffff> {mask <hex 0x0-0xffffffff>} | offset_chunk_3 <hex 0x0-
0xffffffff> {mask <hex 0x0-0xffffffff>} | offset_chunk_4 <hex 0x0-0xffffffff> {mask <hex 0x0-
0xffffffff>}}(1) | ipv6 {class <value 0-255> | flowlabel <hex 0x0-0xfffff> | source_ipv6
<ipv6addr> {mask <ipv6mask>} | destination_ipv6 <ipv6addr> {mask <ipv6mask>} | [tcp
{src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port <value 0-65535> {mask <hex
0x0-0xffff>}} | udp {src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port <value 0-
65535> {mask <hex 0x0-0xffff>}} | icmp {type <value 0-255> | code <value 0-255>}]}(1)]
[port [<portlist> | all] | vlan_based [vlan <vlan_name 32> | vlan_id <vlanid 1-4094>]] [permit
{priority <value 0-7> {replace_priority} | [replace_dscp_with <value 0-63> |
replace_tos_precedence_with <value 0-7>] | counter [enable | disable]} | mirror {group_id
<value 1-4>} | deny] {time_range <range_name 32>} | delete access_id <value 1-256>]
show access_profile {[profile_id <value 1-6> | profile_name <name 1-32>]}
config time_range <range_name 32> [hours start_time <time hh:mm:ss> end_time <time
hh:mm:ss> weekdays <daylist> | delete]
show time_range
show current_config access_profile
config flow_meter [profile_id <value 1-6> | profile_name <name 1-32>] access_id <value 1-256>
[rate [<value 0-1048576>] {burst_size [<value 0-131072>]} rate_exceed [drop_packet |
remark_dscp <value 0-63>] | tr_tcm cir <value 0-1048576> {cbs <value 0-131072>} pir <value
0-1048576> {pbs <value 0-131072>} {[color_blind | color_aware]} {conform [permit |
replace_dscp <value 0-63>] {counter [enable | disable]}} exceed [permit {replace_dscp
<value 0-63>} | drop] {counter [enable | disable]} violate [permit {replace_dscp <value 0-
63>} | drop] {counter [enable | disable]} | sr_tcm cir <value 0-1048576> cbs <value 0-
131072> ebs <value 0-131072> {[color_blind | color_aware]} {conform [permit |
replace_dscp <value 0-63>] {counter [enable | disable]}} exceed [permit {replace_dscp
<value 0-63>} | drop] {counter [enable | disable]} violate [permit {replace_dscp <value 0-
63>} | drop] {counter [enable | disable]} | delete]
Содержание ZEQUO 2200
Страница 3: ...3 ...
Страница 86: ...7 ARP Commands 86 ...
Страница 93: ...9 Auto Configuration Commands 93 ...
Страница 273: ...30 IPv6 NDP Commands 273 ...
Страница 330: ...36 LLDP Commands 330 ...
Страница 361: ...39 MAC based Access Control Commands 361 ...
Страница 435: ...45 Network Monitoring Commands 435 Zxxx0 admin clear attack_log Command clear attack_log Success Zxxx0 admin ...
Страница 461: ...49 Protocol VLAN Commands 461 ...
Страница 483: ...50 QoS Commands 483 ...
Страница 504: ...53 SNMPv1 v2 v3 Commands 504 Only Administrator level users can issue this command ...
Страница 523: ...53 SNMPv1 v2 v3 Commands 523 ...
Страница 562: ...57 Subnet VLAN Commands 562 ...