Create Access-List Tcp Destination Source Ports - Extreme Networks ExtremeWare Command Reference Manual
Hide thumbs
Also See for ExtremeWare:
- Command reference manual (2620 pages) ,
- Command reference manual (2546 pages) ,
- Command reference manual (1598 pages)
Table of Contents
Advertisement
Security Commands
create access-list tcp destination source ports
create access-list <name> tcp destination [<dest_ipaddress>/<mask> | any]
ip-port [<dst_port> | range <dst_port_min> <dst_port_max> | any]
source [<src_ipaddress>/<src_mask> | any] ip-port [<src_port> | range
<src_port_min> <src_port_max> | any] [permit <qosprofile> |
permit-established | deny] ports [<portlist> | any] {precedence
<precedence_num>}
Description
Creates a named IP access list that applies to TCP traffic.
Syntax Description
name
dest_ipaddress/mask
dst_port
dst_port_min
dst_port_max
src_ipaddress/src_mask
src_port
src_port_min
src_port_max
permit
qosprofile
permit-established
deny
portlist
prec_number
Default
N/A.
852
Specifies the access list name. The access list name can be between 1 and
31 characters.
Specifies an IP destination address and subnet mask. A mask length of 32
indicates a host entry.
any specifies that any address will match.
Specifies a TCP layer 4 port.
any specifies that all TCP ports will match.
Specifies the beginning of a TCP layer 4 port range.
Specifies the end of a TCP layer 4 port range.
Specifies a source IP address and subnet mask.
any specifies that any address will match.
Specifies a TCP layer 4 port.
any specifies that all TCP ports will match.
Specifies the beginning of a TCP layer 4 port range.
Specifies the end of a TCP layer 4 port range.
Specifies that packets that match the access list description are permitted to
be forward by this switch.
Specifies an optional QoS profile can be assigned to the access list, so that
the switch can prioritize packets accordingly.
Specifies that a currently-established TCP session is allowed, but TCP
packets from source to destination (uni-directional) with SYN=1 and ACK=0 (to
initiate a new session) will be dropped.
Specifies that packets that match the access list description are filtered
(dropped) by the switch.
Specifies the ingress port(s) on which this rule is applied.
any specifies that the rule will be applied to all ports.
Specifies the access list precedence number. The range is 1 to 25,600.
ExtremeWare Software 7.3.0 Command Reference Guide
Advertisement
Table of Contents
