Rule (For User-Defined Acls) - 3Com 5500-EI PWR Reference Manual
Hide thumbs
Also See for 5500-EI PWR:
- Install manual (1072 pages) ,
- Getting started manual (118 pages) ,
- Quick reference manual (59 pages)
Table of Contents
Advertisement
After completing the above configuration, you can use the display acl command to view the
configuration information of the ACLs.
rule (for user-defined ACLs)
Syntax
rule [ rule-id ] { deny | permit } [ rule-string rule-mask offset ] &<1-8> [ time-range time-name ]
undo rule rule-id
View
User-defined ACL view
Parameters
rule-id: ID of an ACL rule, in the range of 0 to 65534.
rule-string: User-defined ACL rule string. It must be an even hexadecimal number comprising 2 to 160
hexadecimal numerals.
rule-mask: User-defined mask of the ACL rule. It must be an even hexadecimal number containing 2 to
160 hexadecimal numerals and be of the same length as that of the rule-string argument. This
argument is used to perform the logical AND operations with packets.
offset: Mask offset of the rule. It specifies a position in packets, from which the logical AND operation is
to be performed. It ranges from 0 to 79 (in bytes).
Note that:
The maximum value of the mask offset of the rule becomes one byte less when the rule-string
argument has two more hexadecimal numerals. For example, when the rule-string contains two
hexadecimal numerals, the maximum value of offset is 79 bytes; when the rule-string contains four
hexadecimal numerals, the maximum value of offset is 78 bytes, and so on.
The valid length of the mask offset is 128 hexadecimal numerals (64 bytes). For example, assume
that you specify a rule string of aa and set its offset to 2. If you continue to specify a rule string of bb,
its offset must be in the range from 3 to 65 bytes. If you set the offset of the rule string aa to 3, the
offset of the rule string bb must be in the range of 4 to 66 bytes, and so on. However, the offset of
the rule string bb cannot be greater than 79 bytes.
As shown in
mask offset of a user-defined string into multiple offset units, each of which is 4–byte long.
Available offset units fall into eight groups, which are numbered from Offset1 to Offset8.
With the Switch 5500-EI series, a user-defined rule string may or may not contain spaces and can
be up to 32 bytes in length. It can occupy up to eight mask offset units and any two of the offset
units cannot belong to the same offset group. Otherwise, the ACL cannot be applied successfully.
Table 1-16 Offset units of a user-defined rule string
Offset1
0 to 3
4 to 7
Table
1-16, the hardware rule of the Switch 5500-EI series logically divides the rule
Offset2
Offset3
8 to 11
Offset unit
Offset4
Offset5
12 to 15
16 to 19
1-22
Offset6
Offset7
20 to 23
24 to 27
Offset8
28 to 31
Advertisement
Chapters
Table of Contents
