Deny/Permit (Ipv4 Tcp/Udp Acl Rule) - Mellanox Technologies Mellanox SX1018 Command Reference Manual

deny/permit (IPv4 TCP/UDP ACL rule)

[seq-number <sequence-number>] {permit | deny} {tcp | udp} {<source-ip>
[mask <ip>] | [any]} {<dest-ip> [mask <ip>]| [any]} [eq-source <port-number>]
[eq-destination <port-number>] [action <action-id>]
no <sequence-number>
Creates a rule for IPv4 UDP/TCP ACL.
The no form of the command deletes a rule from the ACL.
Syntax Description sequence-number
deny | permit
tcp | udp
{any | <source-ip> [mask
<ip>]}
{any | <destination-ip>
[mask <ip>]}
[eq-source <port-num-
ber>]
[eq-destination <port-
number>]
Default No rule is added by default to access control list.
Default sequence number is in multiple of 10.
Modes/Context Config IPv4 ACL
History 3.1.1400
Role admin
Example
switch (config ipv4 access-list my-list) # seq-number 10 deny tcp any
any eq-source 1200
switch (config ipv4 access-list my-list) #
Related Commands ipv4/mac access-list
ipv4/mac port access-group
Note
Optional parameter to set a specific sequence number
for the rule. The range is:1-500.
Determines the type of the rule, deny or permit action.
UDP or TCP rule transport type.
Sets source IP and optionally sets a mask for that IP
address. The "any" option will cause the rule not to
check the source IP.
Sets destination IP and optionally sets a mask for that
MAC. The "any" option will cause the rule not to check
the destination MAC.
TCP/UDP source port number. Range is 0-65535.
TCP/UDP destination port number. Range is 0-65535.
Mellanox Technologies
Rev 1.6.2
386