Extreme Networks ExtremeWare XOS Guide Manual page 186
Concepts guide
Hide thumbs
Also See for ExtremeWare XOS Guide:
- Command reference manual (2024 pages) ,
- Manual (698 pages) ,
- Manual (256 pages)
Table of Contents
Advertisement
Policies and ACLs
Table 24: ACL match conditions (Continued)
Match Conditions
ICMP-code <number>
NOTE
Directed ARP response packets cannot be blocked with ACLs from reaching the CPU and being learned on the
Aspen 8810 switch.
Along with the data types described in
match conditions. For example, the match condition,
source port greater than 190. Be sure to use a space before and after an operator.
Table 25: ACL match condition data types
Condition Data Type
prefix
number
range
bit-field
mac-address
ExtremeWare XOS 11.1 Concepts Guide
Description
ICMP code field. This value or keyword provides more specific
information than the icmp-type. Because the value's meaning
depends upon the associated icmp-type, you must specify the
icmp-type along with the icmp-code. In place of the numeric
value, you can specify one of the following text synonyms (the
field values also listed); the keywords are grouped by the ICMP
type with which they are associated:
Parameter-problem:
ip-header-bad(0), required-option-missing(1)
Redirect:
redirect-for-host (1), redirect-for-network (2), redirect-for-tos-
and-host (3), redirect-for-tos-and-net (2)
Time-exceeded:
ttl-eq-zero-during-reassembly(1), ttl-eq-zero-during-transit(0)
Unreachable:
communication-prohibited-by-filtering(13), destination-host-
prohibited(10), destination-host-unknown(7), destination-
network-prohibited(9), destination-network-unknown(6),
fragmentation-needed(4), host-precedence-violation(14), host-
unreachable(1), host-unreachable-for-TOS(12), network-
unreachable(0), network-unreachable-for-TOS(11), port-
unreachable(3), precedence-cutoff-in-effect(15), protocol-
unreachable(2), source-host-isolated(8), source-route-failed(5)
Table
25, you can use the operators
Description
IP source and destination address prefixes. To specify the address prefix, use the
notation prefix/prefix-length. For a host address, prefix-length should be
set to 32.
Numeric value, such as TCP or UDP source and destination port number, IP protocol
number.
A range of numeric values. To specify the numeric range, use the notation: number -
number
Used to match specific bits in an IP packet, such as TCP flags and the fragment flag.
6-byte hardware address.
,
<
, will match packets with a
source-port > 190
Applicable
IP Protocols
ICMP
,
, and
to specify
<=
>
>=
186
Advertisement
Table of Contents
Related Manuals for Extreme Networks ExtremeWare XOS Guide
Related Products for Extreme Networks ExtremeWare XOS Guide
- Extreme Networks ExtremeWare Command
- Extreme Networks ExtremeWare Enterprise Manager
- Extreme Networks EPICenter Guide
- Extreme Networks ExtremeXOS ScreenPlay
- Extreme Networks ExtremeWireless AP460i
- Extreme Networks ExtremeWireless AP460e
- Extreme Networks ExtremeSwitching X440-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X440-G2-24t-10GE4-DC
- Extreme Networks ExtremeSwitching X440-G2-24fx-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-GE4
- Extreme Networks ExtremeSwitching X450-G2-24p-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24t-10GE4
- Extreme Networks ExtremeSwitching X460-G2-24p-GE4
- Extreme Networks ExtremeSwitching X620-16x
- Extreme Networks ExtremeSwitching X670-G2-48x-4q
- Extreme Networks ExtremeSwitching X620-8t-2x