User Manual
Chapter 4 - Operation and Administration Using the CLI NPU Configuration
4Motion 231 System Manual
Destination
port
[{gt
<port-numb
er
(1-65535)>
Indicates that TCP/ UDPtraffic is
to be permitted or denied to the
NPU interface source port for
which the port number is greater
than the value of this parameter.
npu(config-ext-nacl)#
permit tcp host 1.1.1.1
host any gt 8080
npu(config-ext-nacl)# deny
udp any any
[{lt
<port-numb
er
(1-65535)>
Indicates that TCP/ UDP traffic is
to be permitted or denied to the
NPU interface source port for
which the port number is less
than the value of this parameter.
npu(config-ext-nacl)#
permit tcp host 1.1.1.0
255.255.255.0 any lt 1111
npu(config-ext-nacl)# deny
udp any host 1.1.1.1 lt
1010
[{eq
<port-numb
er
(1-65535)>
Indicates that TCP/ UDP traffic is
to be permitted or denied to the
NPU interface source port for
which the port number is equal
to the value of this parameter.
npu(config-ext-nacl)#
permit tcp any 1.1.1.0
255.255.255.0 eq 8080
npu(config-ext-nacl)# deny
udp any host 1.1.1.1 eq
4040
range
<port-numb
er
(1-65535)>
<port-numb
er
(1-65535)>
}]
Indicates that TCP/ UDP traffic is
to be permitted or denied the
NPU interface source port for
which the port number is within
the range specified by this
parameter.
npu(config-ext-nacl)#
permit tcp host 1.1.1.1
host 1.1.1.0 255.255.255.0
range 1010 8080
npu(config-ext-nacl)# deny
udp host 1.1.1.1 any range
1010 4040
Command
Syntax
npu(config-ext-nacl)# deny tcp {any | host <src-ip-address> |
<src-ip-address> <src-mask> } [{gt <port-number (1-65535)> | lt
<port-number (1-65535)> |eq <port-number (1-65535)> | range <port-number
(1-65535)> <port-number (1-65535)>}] {any | host <dest-ip-address> |
<dest-ip-address> <dest-mask>} {gt <port-number (1-65535)> | lt
<port-number (1-65535)> | eq <port-number (1-65535)> | range
<port-number (1-65535)> <port-number (1-65535)>}]
npu(config-ext-nacl)# deny udp {any | host <src-ip-address> |
<src-ip-address> <src-mask> } [{gt <port-number (1-65535)> | lt
<port-number (1-65535)> |eq <port-number (1-65535)> | range <port-number
(1-65535)> <port-number (1-65535)>}] {
any | host <de
st-ip-address> |
<de
st-ip-address> <dest-mask>} {gt <port-number (1-65535)> | lt
<port-number (1-65535)> | eq <port-number (1-65535)> | range
<port-number (1-65535)> <port-number (1-65535)>}]
Table 4-18: Parameters for Configuring Permit/Deny Rules for TCP/UDP Traffic
Parameter Description Example