14-22
Motorola RF Switch CLI Reference Guide
Usage Guidelines
Use this command to permit traffic between networks/hosts based on the protocol type
selected in the access list configuration. The following protocols are supported:
• ip
• icmp
• tcp
• udp
The last ACE in the access list is an implicit deny statement.
Whenever the interface receives the packet, its content is checked against all the ACEs in
the ACL. It is allowed based on the ACL configuration.
• Filtering on TCP/UDP allows the user to specify port numbers as filtering criteria
• Select ICMP to allow/deny packets. Selecting ICMP allows to filter ICMP packets
based on type and code
14.1.8.1 Permitting IP Based Traffic
The example below allows IP traffic from the source subnet to the destination subnet and
denies all other traffic over an interface:
RFSwitch(config-ext-nacl)#permit ip 192.168.1.10/24 192.168.2.0/24
rule-precedence 40
RFSwitch(config-ext-nacl)#
14.1.8.2 Permitting Telnet Based Traffic
The example below permits Telnet traffic from the source subnet and the destination
subnet and denies all other traffic over an interface:
RFSwitch(config-ext-nacl)#permit tcp 192.168.4.0/24 192.168.5.0/24
eq 23 rule-precedence 10
RFSwitch(config-ext-nacl)#
NOTE: The log option is functional only for router ACL's. The log option
displays an informational logging message about the packet matching
the entry sent to the console.