Rule (Ipv4 Advanced Acl View) - HP HSR6800 Command Reference Manual

Acl and qos

Hide thumbs Also See for HSR6800:

Configuration manual (478 pages)

Installation manual (146 pages)

Troubleshooting manual (41 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

page of 170

/ 170
Contents
Table of Contents
Bookmarks

Table of Contents

rule (IPv4 advanced ACL view)

Use rule to create or edit an IPv4 advanced ACL rule. You can edit ACL rules only when the match order

is config.

Use undo rule to delete an entire IPv4 advanced ACL rule or some attributes in the rule. If no optional

keywords are provided, this command deletes the entire rule. If optional keywords or arguments are

provided, this command deletes the specified attributes.

Syntax

rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value

| syn syn-value | urg urg-value } * | established } | counting | destination { dest-address dest-wildcard

| any } | destination-port operator port1 [ port2 ] | dscp dscp | fragment | icmp-type { icmp-type

[ icmp-code ] | icmp-message } | logging | precedence precedence | reflective | source

{ source-address source-wildcard | any } | source-port operator port1 [ port2 ] | time-range

time-range-name | tos tos | vpn-instance vpn-instance-name ] *

undo rule rule-id [ { { ack | fin | psh | rst | syn | urg } * | established } | counting | destination |

source-port | time-range | tos | vpn-instance ] *

Default

An IPv4 advanced ACL does not contain any rule.

Views

IPv4 advanced ACL view

Default command level

2: System level

Parameters

rule-id: Specifies a rule ID in the range of 0 to 65534. If no rule ID is provided when you create an ACL

rule, the system automatically assigns it a rule ID. This rule ID takes the nearest higher multiple of the

numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is

5 and the current highest rule ID is 28, the rule is numbered 30.

deny: Denies matching packets.

permit: Allows matching packets to pass.

protocol: Protocol carried by IPv4. It can be a number in the range of 0 to 255, or in words, gre (47),

icmp (1), igmp (2), ip, ipinip (4), ospf (89), tcp (6), or udp (17).

can specify regardless of the value that the protocol argument takes.

Table 6 Match criteria and other rule information for IPv4 advanced ACL rules

Parameters

source

{ source-address

source-wildcard |

any }

Function

Specifies a source address

Table 6

Description

The source-address source-wildcard arguments

represent a source IP address and wildcard mask in

dotted decimal notation. An all-zero wildcard specifies

a host address.

The any keyword specifies any source IP address.

describes the parameters that you

Table of Contents

Rule (Ipv4 Advanced Acl View) - HP HSR6800 Command Reference Manual

rule (IPv4 advanced ACL view)

Related Manuals for HP HSR6800

Related Content for HP HSR6800

Table of Contents