D-Link DXS-3600-16S Manual page 34
Dxs-3600 series layer 2/3 managed 10gbe switch
Hide thumbs
Also See for DXS-3600-16S:
- Hardware installation manual (36 pages) ,
- Quick installation manual (28 pages) ,
- Hardware installation manual (55 pages)
Table of Contents
Advertisement
3-10 permit | deny (expert access-list)
Use the permit command to add a permit entry. Use the deny command to add a deny entry. Use the no command to
remove an entry.
Extended expert ACL:
[sn] {permit | deny} [ethernet-type] [[cos out [inner in]] | [vlan out [inner in]]] {source source-wildcard | host
source | any} {source-mac-address mask | host source-mac-address | any} {destination destination-wildcard |
host destination | any} {destination-mac-address mask | host destination-mac-address | any} [time-range
time-range-name]
[sn] {permit | deny} protocol [vlan out [inner in]] {source source-wildcard | host source | any} {source-mac-
address mask | host source-mac-address | any} {destination destination-wildcard | host destination | any}
{destination-mac-address mask | host destination-mac-address | any} [precedence precedence] [tos tos]
[fragments] [time-range time-range-name]
Extended expert ACLs of some important protocols:
[sn] {permit | deny} tcp [vlan out [inner in]] {source source-wildcard | host source | any} {source-mac-address
mask | host source-mac-address | any} [operator port]] {destination destination-wildcard | host destination |
any} {destination-mac-address mask | host destination-mac-address | any} [operator port] [precedence
precedence] [tos tos] [fragments] [time-range time-range-name] [tcp-flag]
[sn] {permit | deny} udp [vlan out [inner in]] {source source-wildcard | host source | any} {source-mac-address
mask | host source-mac-address | any} [operator port] {destination destination-wildcard | host destination |
any} {destination-mac-address mask | host destination-mac-address | any} [operator port] [precedence
precedence] [tos tos] [fragments] [time-range time-range-name]
[sn] {permit | deny} icmp [vlan out [inner in]] {source source-wildcard | host source | any} {source-mac-address
mask | host source-mac-address | any} {destination destination-wildcard | host destination | any} {destination-
mac-address mask | host destination-mac-address | any} [icmp-type] [[icmp-type [icmp-code]] | [icmp-
message]] [precedence precedence] [tos tos] [fragments] [time-range time-range-name]
no sn
Parameters
sn
source
source-wildcard
host source
any
destination
destination-wildcard
host destination
source-mac-address
destination-mac-address
mask
vlan out
vlan inner in
cos out
cos inner in
ethernet-type
DXS-3600 Series 10GbE Layer 2/3 Switch CLI Reference Guide
(Optional) Specifies the ACE sequence number. This number must be between 1
and 65535.
Specifies the source IP address.
Applies wildcard bits to the source.
Specifies a specific source IP address.
Means any source or destination IP or MAC address.
Specifies the destination IP address.
Applies wildcard bits to the destination.
Specifies a specific destination IP address.
Specifies the source MAC address.
Specifies the destination MAC address.
Specifies the MAC address mask.
(Optional) Specifies the outer VID used. This value must be between 1 and 4094.
(Optional) Specifies the inner VID used. This value must be between 1 and 4094.
(Optional) Specifies the outer priority value. This value must be betwee 0 and 7.
(Optional) Specifies the inner priority value. This value must be between 0 and 7.
(Optional) Specifies the Ethernet type as a pair of hexadecimal numbers and mask
(from 0x0 to 0xFFFF) or the name of an Ethernet type. Names that can be used are
'arp', 'aarp', 'appletalk', 'decnet-iv', 'etype-6000', 'etype-8042', 'lat', 'lavc-sca', 'mop-
console', 'mop-dump', 'vines-echo', 'vines-ip', 'xns-idp'.
26
- Quick Links:
- Basic Cli Commands
Hide quick links:
Advertisement
Table of Contents
