Table of Contents
Advertisement
set policy rule
|Ether II packet type
|LLC DSAP/SSAP/CTRL
|VLAN tag
|Replace tci
|Port string
=============================================================
set policy rule
Use this command to assign incoming untagged frames to a specific policy profile and to VLAN or
Class‐of‐Service classification rules.
Syntax
This command has two forms of syntax—one to create an admin rule, and the other to create a
traffic classification rule and attach it to a policy profile.
set policy rule admin-profile {vlantag data [mask mask] admin-pid profile-index}
[port-string port-string]
set policy rule profile-index {ether | ipproto | ipdestsocket | ipsourcesocket |
iptos | macdest | macsource | tcpdestport | tcpsourceport | udpdestport |
udpsourceport} data [mask mask] {[vlan vlan] [cos cos] | [drop | forward]}
Parameters
The following parameters apply to creating an admin rule. See the Usage section below for more
information about admin rules.
admin‐profile
vlantag data
mask mask
admin‐pid
profile‐index
port‐string port‐string
The following parameters apply to creating a traffic classification rule.
11-10 Policy Classification Configuration
|
|
|
|
| X | X | X | X | X | X |
Note: Refer to
Appendix
A,
certain rule types for this platform.
Note: Classification rules are automatically enabled when created.
Specifies that this is an admin rule.
Classifies based on VLAN tag specified by data. Value of data can range
from 1 to 4094 or 0xFFF.
(Optional) Specifies the number of significant bits to match, dependent
on the data value entered. Value of mask can range from 1 to 12.
Refer to Table
value.
Associates this admin rule with a policy profile, identified by its index
number. Policy profiles are configured with the set policy profile
command as described in "set policy profile" on page 11‐4.
Valid profile‐index values are 1‐ 255.
(Optional) Assigns this rule with the specified policy profile on specific
ingress port(s). Rule would not be used until policy is assigned to the
specified port(s) using the set policy port command as described in "set
policy port" on page 11‐15.
|
| X | X | X | X |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Policy and Authentication Capacities
11‐3 for valid values for each classification type and data
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
for information about limits on
- Quick Links:
- Set Ip Address
Hide quick links:
Advertisement
Table of Contents
Need help?
Do you have a question about the SECURESTACK C3 and is the answer not in the manual?
Questions and answers