User's Manual
Chapter 3 - Operation and Administration Using the CLI NPU Configuration
4Motion 186 System Manual
npu(config-ext-nacl)# permit udp {any | host <src-ip-address> |
<src-ip-address> <src-mask>} [{gt <port-number (1-65535)> | lt
<port-number (1-65535)> |eq <port-number (1-65535)> | range
<port-number (1-65535)> <port-number (1-65535)>}] {any | host
<dest-ip-address> | <dest-ip-address> <dest-mask>} {gt <port-number
(1-65535)> | lt <port-number (1-65535)> | eq <port-number
(1-65535)> | range <port-number (1-65535)> <port-number
(1-65535)>}]
Run the following commands to specify the Deny rule for TCP/UDP traffic from/to
a specific source/destination IP address/port:
npu(config-ext-nacl)# deny tcp {any | host <src-ip-address> |
<src-ip-address> <src-mask>} [{gt <port-number (1-65535)> | lt
<port-number (1-65535)> |eq <port-number (1-65535)> | range
<port-number (1-65535)> <port-number (1-65535)>}] {any | host
<dest-ip-address> | <dest-ip-address> <dest-mask>} {gt <port-number
(1-65535)> | lt <port-number (1-65535)> | eq <port-number
(1-65535)> | range <port-number (1-65535)> <port-number
(1-65535)>}]
npu(config-ext-nacl)# deny udp {any | host <src-ip-address> |
<src-ip-address> <src-mask>} [{gt <port-number (1-65535)> | lt
<port-number (1-65535)> |eq <port-number (1-65535)> | range
<port-number (1-65535)> <port-number (1-65535)>}] {any | host
<dest-ip-address> | <dest-ip-address> <dest-mask>} {gt <port-number
(1-65535)> | lt <port-number (1-65535)> | eq <port-number
(1-65535)> | range <port-number (1-65535)> <port-number
(1-65535)>}]
In the above commands, it is mandatory to specify the source and destination IP
address for which the Permit/Deny rule is to be created.
The following table lists the parameters and their descriptions in these
commands:
IMPORTANT
To increase the granularity of the Permit/Deny rule you are creating, specify the source and
destination port numbers for the source and destination IP addresses.