Manualshelf

Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON
121122123124125126127128129130
seq sequence-number {deny | permit} tcp {source mask | any | host ip-address} [count [byte]]
[order] [monitor [session-id]] [fragments]
Congure Filters, UDP Packets
To create a lter for UDP packets with a specied sequence number, use the following commands.
1 Create an extended IP ACL and assign it a unique name.
CONFIGURATION mode
ip access-list extended access-list-name
2 Congure an extended IP ACL lter for UDP packets.
CONFIG-EXT-NACL mode
seq sequence-number {deny | permit} tcp {source mask | any | host ip-address} [count [byte]]
[order] [monitor [session-id]] [fragments]
Example of the seq Command
When you create the lters with a specic sequence number, you can create the lters in any order and the lters are placed in the correct
order.
NOTE: When assigning sequence numbers to lters, you may have to insert a new lter. To prevent reconguring multiple lters,
assign sequence numbers in multiples of ve or another number.
The example below shows how the seq command orders the lters according to the sequence number assigned. In the example, lter 15
was congured before lter 5, but the
show config command displays the lters in the correct order.
Dell(config-ext-nacl)#seq 15 deny ip host 112.45.0.0 any log monitor 501
Dell(config-ext-nacl)#seq 5 permit tcp 12.1.3.45 0.0.255.255 any
Dell(config-ext-nacl)#show config
!
ip access-list extended dilling
seq 5 permit tcp 12.1.0.0 0.0.255.255 any
seq 15 deny ip host 112.45.0.0 any log monitor 501
Dell(config-ext-nacl)#
Conguring Filters Without a Sequence Number
If you are creating an extended ACL with only one or two lters, you can let Dell Networking OS assign a sequence number based on the
order in which the lters are congured. Dell Networking OS assigns lters in multiples of ve.
To congure a lter for an extended IP ACL without a specied sequence number, use any or all of the following commands:
Congure a deny or permit lter to examine IP packets.
CONFIG-EXT-NACL mode
{deny | permit} {source mask | any | host ip-address} [count [byte]] [order] [monitor
[session-id]] [fragments]
Congure a deny or permit lter to examine TCP packets.
CONFIG-EXT-NACL mode
{deny | permit} tcp {source mask] | any | host ip-address}} [count [byte]] [order] [monitor
[session-id]] [fragments]
Congure a deny or permit lter to examine UDP packets.
CONFIG-EXT-NACL mode
124
Access Control Lists (ACLs)