Configuring policy
TCP establish bit (access control lists only)
In access control lists, you can use the tcp established command to specify that the rule
only applies to packets that are part of an established TCP session (a session in with the TCP
ACK or RST flag is set). Use the no form of this command to specify that the rule applies to all
TCP packets. In either case, the command also sets the IP protocol parameter to TCP.
For example, the following command specifies that rule 6 in access control list 301 only
matches packets that are part of an established TCP session:
G450-001(ACL 301/ip rule 6)# tcp established
Fragments
Enter fragment to apply the rule to non-initial fragments. You cannot use the fragment
command in a rule that includes UDP or TCP source or destination ports.
G450-001(super-ACL 301/ip rule 5)# fragment
Done!
G450-001(super-ACL 301/ip rule 5)#
DSCP
Enter dscp, followed by a DSCP value (from 0 to 63), to apply the rule to all packets with the
specified DSCP value. Use the no form of the command to remove the rule from the list.
For example, the following command specifies that rule 5 in access control list 301 only
matches packets in which the DSCP value is set to 56:
G450-001(ACL 301/ip rule 5)# dscp 56
Composite Operation
For instructions on assigning a composite operation to an ip rule, see
operation to an ip rule
604 Administration for the Avaya G450 Media Gateway
on page 607.
Adding composite