Cisco ASR 9000 Series Configuration Manual page 274

Identifying HTTP Destinations for Redirection
Command or Action
[precedence precedence] [dscp dscp] [fragments]
[packet-length operator packet-length value] [log |
log-input]
• [ sequence-number ] {permit | deny} protocol
{source-ipv6-prefix/prefix-length | any | host
source-ipv6-address} [operator {port | protocol-port}]
{destination-ipv6-prefix/prefix-length | any | host
destination-ipv6-address} [operator {port |
protocol-port}] [dscp value] [routing] [authen]
[destopts] [fragments] [packet-length operator
packet-length value] [log | log-input]
Example:
RP/0/RSP0/CPU0:router(config-ipv4-acl)# 10 permit
172.16.0.0 0.0.255.255
RP/0/RSP0/CPU0:router(config-ipv4-acl)# 20 deny
192.168.34.0 0.0.0.255
or
RP/0/RSP0/CPU0:router(config-ipv6-acl)# 20 permit
icmp any any
RP/0/RSP0/CPU0:router(config-ipv6-acl)# 30 deny tcp
any any gt 5000
Step 7 Repeat Step 6 as necessary, adding statements by sequence
number. Use the no sequence-number command to delete
an entry.
Step 8 Use the commit or end command.
Identifying HTTP Destinations for Redirection: An example
configure
ipv4 access-list <redirect-acl>
10 permit tcp any any syn eq www
20 permit tcp any any ack eq www
30 permit tcp any any eq www
ipv4 access-group <allow-acl>
Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide,
Release 4.3.x
262
Purpose
• The optional log keyword causes an information
logging message about the packet that matches the entry
to be sent to the console.
• The optional log-input keyword provides the same
function as the log keyword, except that the logging
message also includes the input interface.
or
Specifies one or more conditions allowed or denied in IPv6
access list open_garden_acl.
• Refer to the deny (IPv6) and permit (IPv6) commands
for more information on filtering IPv6 traffic based on
based on IPv6 option headers and optional, upper-layer
protocol type information.
Note Every IPv6 access list has an implicit deny ipv6 any
any statement as its last match condition. An IPv6
access list must contain at least one entry for the
implicit deny ipv6 any any statement to take effect.
Allows you to revise an access list.
commit—Saves the configuration changes and remains within
the configuration session.
end—Prompts user to take one of these actions:
• Yes— Saves configuration changes and exits the
configuration session.
• No—Exits the configuration session without committing
the configuration changes.
• Cancel—Remains in the configuration mode, without
committing the configuration changes.
Configuring Subscriber Features
OL-28375-03