H3C s3600 series Command Manual page 737

Table 1-11 TCP/UDP-specific ACL rule information
Parameters
source-port operator
port1 [ port2 ]
destination-port
operator port1 [ port2 ]
established
For a rule of an advanced ACL that is applied to ports or VLANs of the H3C S3600 series Ethernet
switches, if it contains TCP or UDP port information, the operator argument can only be eq.
If TCP or UDP port number is represented by name, you can also define the information listed in
1-12.
Type
Defines the source port
Source port
information of
UDP/TCP packets
Defines the destination
Destination port port information of
UDP/TCP packets
Specifies that the rule is
applicable only to the
TCP connection
first SYN segment for
flag
establishing a TCP
connection
1-15
Function
The value of operator can
be lt (less than), gt
(greater than), eq (equal
to), neq (not equal to) or
range (within the range
of). Only the range
operator requires two port
numbers as the operands.
The other operators
require only one port
number as the operand.
port1 and port2: TCP/UDP
port number(s), expressed
as port names or port
numbers. When
expressed as numerals,
the value range is 0 to
65535.
With the range operator,
the value of port2 does not
need to be greater than
that of port1 because the
switch can automatically
judge the value range. If
the value of port1 is the
same as that of port2, the
switch will convert the
operator range to eq.
Note that if you specify a
combination of lt 1 or gt
65534, the switch will
convert it to eq 0 or eq
65535.
TCP-specific argument
Description
Table