Table of Contents
Advertisement
Command Reference Guide
permit <protocol> <source> <source port> <destination> <destination port>
Use the permit command to configure the IP hardware access control list (ACL) to permit specified
packets to enter the system. Use the no form of this command to remove the permit parameter from the
ACL. Variations of this command include:
permit <protocol> <source> <source port> <destination> <destination port>
permit <protocol> <source> <source port> <destination> <destination port> log
Syntax Description
<protocol>
<source>
<source port>
<destination>
<destination port>
60000CRG0-35E
Specifies the data protocol as ip, tcp, or udp.
Specifies the source used for packet matching. Sources can be expressed
in one of three ways:
1. Using the keyword any to match any IP address.
2. Using host <ip address> to specify a single host address. IP addresses
should be expressed in dotted decimal notation (for example,
10.10.10.1).
3. Using the <ip address> <wildcard mask> format to match all IP
addresses in a range. The wildcard mask corresponds to a range of IP
addresses (network) or a specific host. Wildcard masks are expressed
in dotted decimal notation (for example, 0.0.0.255).
Optional. The source port is used only when <protocol> is tcp or udp. The
following keywords and port numbers/names are supported for the
<source port> field:
eq <port>
range <min> <max>
Specifies the destination used for packet matching. Destinations can be
expressed in one of three ways:
1. Using the keyword any to match any IP address.
2. Using host <ip address> to specify a single host address. IP addresses
should be expressed in dotted decimal notation (for example,
10.10.10.1).
3. Using the <ip address> <wildcard mask> format to match all IP
addresses in a range. The wildcard mask corresponds to a range of IP
addresses (network) or a specific host. Wildcard masks are expressed
in dotted decimal notation (for example, 0.0.0.255).
Optional. The destination port is used only when <protocol> is tcp or udp.
The following keywords and port numbers are supported for the
<destination port> field:
eq <port>
Copyright © 2012 ADTRAN, Inc.
Hardware ACLs and Hardware Access Maps
Matches only packets equal to the specified
port number. Range is 0 to 65535.
Matches only packets that contain a port
number in the specified range. Range is 0 to
65535.
Matches only packets equal to the specified
port number. Range is 0 to 65535.
3114
Advertisement
Table of Contents
