Permit Tcp - Dell Force10 MXL Blade Reference Manual
Ftos command line reference guide for the mxl 10/40gbe switch io module
Hide thumbs
Also See for Force10 MXL Blade:
- Configuration manual (690 pages) ,
- Deployment manual (89 pages) ,
- Getting started manual (38 pages)
Table of Contents
Advertisement
permit tcp
Syntax
Parameters
112
|
Access Control Lists (ACL)
Configure a filter to pass TCP packets meeting the filter criteria.
permit tcp { source mask | any | host ip-address } [ bit ] [ operator port [ port ]] { destination mask | any
| host
ip-address
} [
bit
] [
dscp
To remove this filter, you have two choices:
Use the no seq
•
sequence-number
Use the no permit tcp {
•
ip-address
} command.
source
Enter the IP address of the network or host from which the packets were sent.
mask
Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in
A.B.C.D format, may be either contiguous or non-contiguous.
any
Enter the keyword
host ip-address
Enter the keyword
bit
Enter a flag or combination of bits:
•
•
•
•
•
•
dscp
Enter this keyword to deny a packet based on DSCP value.
Range: 0-63
operator
(OPTIONAL) Enter one of the following logical operand:
•
•
•
•
•
port port
Enter the application layer port number. Enter two port numbers if using the range
logical operand.
Range: 0 to 65535.
The following list includes some common TCP port numbers:
•
•
•
•
destination
Enter the IP address of the network or host to which the packets are sent.
mask
Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in
A.B.C.D format, may be either contiguous or non-contiguous.
count
(OPTIONAL) Enter the keyword
byte
(OPTIONAL) Enter the keyword
] [
operator port
[
port
]] [ count [ byte ]] [ order ] [ fragments ]
command if you know the filter's sequence number.
| any | host
source mask
ip-address
any
to specify that all routes are subject to the filter.
host
followed by the IP address to specify a host IP address.
ack:
acknowledgement field
fin
: finish (no more data from the user)
psh:
push function
rst:
reset the connection
syn:
synchronize sequence numbers
urg:
urgent field
eq
= equal to
neq
= not equal to
gt
= greater than
lt
= less than
range
= inclusive range of ports (you must specify two port for the
parameter.)
23 = Telnet
20 and 21 = FTP
25 = SMTP
169 = SNMP
count
byte
} {
destination mask
to count packets processed by the filter.
to count bytes processed by the filter.
| any | host
port
Advertisement
Table of Contents
