Connectivity Guide
permit udp
Congures a lter that allows UDP packets meeting the lter criteria.
Syntax
permit udp [A.B.C.D | A.B.C.D/x | any | host ip-address [eq | lt | gt | neq |
range]] [[A.B.C.D | A.B.C.D/x | any | host ip-address [eq | lt | gt | neq |
range] ] [ack | fin | psh | rst | syn | urg] [capture | count | dscp value |
fragment | log]
Parameters
• A.B.C.D — Enter the IPv4 address in dotted decimal format.
• A.B.C.D/x — Enter the number of bits that must match the dotted decimal address.
• any — (Optional) Enter the keyword any to specify any source or destination IP address.
• host ip-address — (Optional) Enter the IPv4 address to use a host address only.
• ack — (Optional) Set the bit as acknowledgement.
• fin — (Optional) Set the bit as nish—no more data from sender.
• psh — (Optional) Set the bit as push.
• rst — (Optional) Set the bit as reset.
• syn — (Optional) Set the bit as synchronize.
• urg — (Optional) Set the bit set as urgent.
• capture — (Optional) Capture packets the lter processes.
• count — (Optional) Count packets the lter processes.
• byte — (Optional) Count bytes lter processes.
• dscp value — (Optional) Permit a packet based on the DSCP values, from 0 to 63.
• fragment — (Optional) Use ACLs to control packet fragments.
• log — (Optional) Enables ACL logging. Information about packets that match an ACL rule are logged.
• operator — (Optional) Enter a logical operator to match the packets on the specied port number. The
following options are available:
– eq — (Optional) Permit packets which are equal to.
– lt — (Optional) Permit packets which are less than.
– gt — (Optional) Permit packets which are greater than.
– neq — (Optional) Permit packets which are not equal to.
– range — (Optional) Permit packets with a specic source and destination address.
NOTE
: The control-plane ACL supports only the eq operator.
Default Not congured
Command Mode IPV4-ACL
Usage Information OS10 cannot count both packets and bytes; when you enter the count byte options, only bytes increment. The
no version of this command removes the lter.
The count, byte, and log options are not supported on the S5148F-ON platform.
Example
OS10(config)# ip access-list testflow
OS10(conf-ipv4-acl)# permit udp any any capture session 1
Supported Releases 10.2.0E or later
Access Control Lists 921