Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S6000 ON

211

212

213

214

215

216

217

218

219

220

• fin: nish (no more data from the user)

• psh: push function

• rst: reset the connection

• syn: synchronize sequence numbers

• urg: urgent eld

• established: datagram of established TCP session

Use the established ag to match only ACK and RST ags of established TCP

session.

You cannot use established along with the other control ags

While using the established ag in an ACL rule, all the other TCP control ags are

masked, to avoid redundant TCP control ags conguration in a single rule. When you use

any TCP control ag in an ACL rule, established is masked and other control ags are

available.

dscp Enter the keyword dscp to deny a packet based on the DSCP value. The range is from 0

to 63.

operator (OPTIONAL) Enter one of the following logical operand:

• eq = equal to

• neq = not equal to

• gt = greater than

• lt = less than

• range = inclusive range of ports (you must specify two ports for the port parameter)

port port Enter the application layer port number. Enter two port numbers if you are using the

range logical operand. The range is from 0 to 65535.

The following list includes some common TCP port numbers:

• 23 = Telnet

• 20 and 21 = FTP

• 25 = SMTP

• 169 = SNMP

destination Enter the IP address of the network or host to which the packets are sent.

mask Enter a network mask in /prex format (/x) or A.B.C.D. The mask, when specied in

A.B.C.D format, may be either contiguous or non-contiguous.

count (OPTIONAL) Enter the keyword count to count packets the lter processes.

byte (OPTIONAL) Enter the keyword byte to count bytes the lter processes.

order (OPTIONAL) Enter the keyword order to specify the QoS priority for the ACL entry.

The range is from 0 to 254 (where 0 is the highest priority and 254 is the lowest; lower-

order numbers have a higher priority). If you do not use the keyword order, the ACLs

have the lowest order by default (255).

fragments Enter the keyword fragments to use ACLs to control packet fragments.

monitor (OPTIONAL) Enter the keyword monitor then the session–ID to describe the trac

that you want to monitor and the ACL in which you are creating the rule is applied to the

monitored interface. The session–ID range is from 0 to 65535. For more information, see

Access Control Lists (ACL) 211