3Com 5500G-EI Command Reference Manual page 288
Version 3.1.x
Hide thumbs
Also See for 5500G-EI:
- Quick reference manual (59 pages) ,
- Configuration manual (686 pages) ,
- Getting started manual (151 pages)
Table of Contents
Advertisement
288
C
8: U
Q
HAPTER
SING
S/ACL C
O
OMMANDS
type code
icmp-type
ICMP packet.
type
a number which ranges from 0 to 255;
when the protocol is "icmp" and the type of packet is not notated by a character,
ranging from 0 to 255.
: Means that it is only effective to the first SYN packet established by
established
TCP, appears when protocol is tcp.
precedence
precedence
to 7.
: ToS (Type of Service) value, can be a name or a number ranging from 0 to
tos
tos
15. Packets can be classified according to TOS value.
: DSCP (Differentiated Services Code Point) value, can be a name or a
dscp
dscp
number ranging from 0 to 63. Packets can be classified according to DSCP value.
: Means this rule is only effective for fragment packets and is ignored for
fragment
non-fragment packets.
Parameters specific to Layer 2 ACL:
source
{ source-vlan-id | source-mac-addr source-mac-wildcard }*
source information of a packet,
packet,
source-mac-addr source-mac-wildcard
of the packet. For example, if you set
that you will take the last 16 bits of source MAC address as the rule of traffic
classification.
dest
{ dest-vlan-id
destination information of a packet:
represents the the packet's destination MAC address. For example, if you set
source-mac-wildcard
source MAC address as the rule of traffic classification.
protocol-type protocol-type-mask
type
frame.
lsap-type lsap-type-mask
lsap
Description
Use the
command to add a subrule to an ACL.
rule
Use the
undo rule
You can define several subrules for an ACL. If you include parameters when using
the
command, the system only deletes the corresponding content of
undo rule
the subrule.
For related configurations, refer to command
Example
Add a subrule to an advanced ACL:
: Appears when protocol is icmp.
represents the type of ICMP packet, notated by a character or
code
: IP predence, can be a name or a number ranging from 0
source-vlan-id
source-mac-wildcard
| dest-mac-addr dest-mac-wildcard }*
dest-mac-addr dest-mac-wildcard
to 0-0-ffff, it means that you will take the last 16 bits of
: lsap type carried by the Ethernet frame.
command to cancel a subrule from an ACL.
type code
represents ICMP code, which appears
represents source VLAN of the
represents source MAC address
to 0-0-ffff, it means
: Protocol type carried by the Ethernet
.
acl
specifies an
: The
: The
- Quick Links:
- Logging in Commands
Hide quick links:
Advertisement
Table of Contents
