Chapter 4 Service Configuration
Command Mode
Hybrid egress ACL configuration mode
Syntax
rule
<
1-500
>{
permit
|
deny
}
udp
{<
source-ipaddr
><
sip-mask
>|
any
}[
source-port
<
0-65535
><
s
port-mask
>]{<
destination-ipaddr
><
dip-mask
>|
any
}[
dest-port
<
0-65535
><
dport-mask
>][
dscp
<
0-63
>][
fragment
][
cos
<
0-7
>][<
vlan-id
>[<
vlan-mask
>]][<
source-mac
><
smac-mask
>|
any
][<
de
st-mac
><
dmac-mask
>|
any
]
Parameter Description
Parameter
Description
<
1-500
>
Rule number.
permit
If the condition matches, access is permitted.
deny
If the condition matches, access is denied.
udp
This rule is only valid for UDP packet. Other packets ignore this
rule.
<
source-ipaddr
>
IP address of the source network or host transmitting packets. It is
a 32-bit IP address expressed in dotted decimal notation.
<
sip-mask
>
Source mask and used for source. It is a 32-bit IP address
expressed in dotted decimal notation.
source-port
<
0-65535
>
UDP source port number of the transmitted packet
The parameters of source-port can resolve the some known port
numbers. Also the port number and mask can be directly inputted.
<
sport-mask
>
Source port mask.
any
(first)
The any keyword is used as the abbreviation of the source 0.0.0.0
and the source mask 0.0.0.0.
<
destination-ipaddr
>
Destination network or host of the transmitted packet. It is a 32-bit
IP address expressed in dotted decimal notation.
<
dip-mask
>
Destination mask used for destination. It is a 32-bit IP address
expressed in dotted decimal notation.
any
(second)
The any keyword is used as the abbreviation of the destination
0.0.0.0 and the destination mask 0.0.0.0.
dest-port
<
0-65535
>
UDP destination port number of the transmitted packet.
The parameters of dest-port can resolve the some known port
numbers. Also the port number and mask can be directly inputted.
<
dport-mask
>
Destination port mask.
4-287
SJ-20130731155059-003|2013-11-27 (R1.0)
ZTE Proprietary and Confidential