Enterasys SecureStack C2 Configuration Manual page 312
Stackable switches
Hide thumbs
Also See for SecureStack C2:
- Configuration manual (698 pages) ,
- Installation manual (34 pages)
Table of Contents
Advertisement
set policy rule
set policy rule admin-profile {vlantag data [mask mask] admin-pid profile-index}
[port-string port-string]
set policy rule profile-index {ether |icmptype | ipproto | ipdestsocket |
ipsourcesocket | iptos | macdest | macsource |tcpdestport | tcpsourceport |
udpdestport | udpsourceport} data [mask mask] [vlan vlan] [cos cos] | [drop |
forward]
Parameters
The following parameters apply to creating an admin rule.
admin‐profile
vlantag data
mask mask
admin‐pid
profile‐index
port‐string port‐string
The following parameters apply to creating a classification rule.
profile‐index
ether
icmptype
ipproto
ipdestsocket
ipsourcesocket
iptos
macdest
macsource
tcpdestport
tcpsourceport
9-10 Policy Classification Configuration
Note: Classification rules are automatically enabled when created.
Specifies that this is an admin rule for policy ID 0.
Classifies based on VLAN tag specified by data. Value of data can range
from 1 to 4094 or 0xFFF.
(Optional) Specifies the number of significant bits to match, dependent
on the data value entered. Value of mask can range from 1 to 12.
Refer to Table
value.
Associates this admin rule with a policy profile, identified by its index
number. Policy profiles are configured with the set policy profile
command as described in "set policy profile" on page 9‐3.
Valid profile‐index values are 1‐ 255.
(Optional) Assigns this rule to the specified policy profile on specific
ingress port(s). Rule would not be used until policy is assigned to the
specified port(s) using the set policy port command as described in "set
policy port" on page 9‐14.
Specifies a policy profile number to which this rule will be assigned.
Policy profiles are configured with the set policy profile command as
described in "set policy profile" on page 9‐3. Valid profile‐index values are
1‐ 255.
Classifies based on type field in Ethernet II packet.
Classifies based on ICMP type.
Classifies based on Protocol field in IP packet.
Classifies based on destination IP address with optional post‐fixed port.
Classifies based on source IP address, with optional post‐fixed port.
Classifies based on Type of Service field in IP packet.
Classifies based on MAC destination address.
Classifies based on MAC source address.
Classifies based on TCP destination port.
Classifies based on TCP source port.
9‐3 for valid values for each classification type and data
Advertisement
Table of Contents
