Reference Guide
236 | Access Control Lists (ACL)
www.dell.com | support.dell.com
ip
Enter the keyword ip to configure a generic IP access list. The keyword ip
specifies that the access list will permit all IP protocols.
tcp
Enter the keyword tcp to configure a TCP access list filter.
udp
Enter the keyword udp to configure a UDP access list filter.
source
Enter the IP address of the network or host from which the packets were
sent.
mask
Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when
specified in A.B.C.D format, may be either contiguous or non-contiguous.
any
Enter the keyword any to specify that all routes are subject to the filter.
host ip-address Enter the keyword host followed by the IP address to specify a host IP
address.
operator
(OPTIONAL) Enter one of the following logical operands:
•
eq = equal to
•
neq = not equal to
•
gt = greater than
•
lt = less than
•
range = inclusive range of ports (you must specify two ports for the port
parameter.)
port port (OPTIONAL) Enter the application layer port number. Enter two port
numbers if using the
range logical operand.
Range: 0 to 65535
The following list includes some common TCP port numbers:
• 23 = Telnet
• 20 and 21 = FTP
• 25 = SMTP
• 169 = SNMP
destination
Enter the IP address of the network or host to which the packets are sent.
message-type (OPTIONAL) Enter an ICMP message type, either with the type (and code,
if necessary) numbers or with the name of the message type (ICMP message
types are listed in Table 7-2).
Range: 0 to 255 for ICMP type; 0 to 255 for ICMP code
count
(OPTIONAL) Enter the keyword count to count packets processed by the
filter.
byte
(OPTIONAL) Enter the keyword byte to count bytes processed by the filter.
log
(OPTIONAL, E-Series only) Enter the keyword log to enter ACL matches
in the log. Supported on Jumbo-enabled line cards only.
dscp
(OPTIONAL) Enter the keyword dcsp to match to the IP DCSCP values.
order
(OPTIONAL) Enter the keyword order to specify the QoS priority for the
ACL entry.
Range: 0-254 (where 0 is the highest priority and 254 is the lowest; lower
order numbers have a higher priority)
Default: If the order keyword is not used, the ACLs have the lowest order
by default (255).