Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S6100-ON

171

172

173

174

175

176

177

178

179

180

any Enter the keyword any to specify that all routes are subject to the filter.

host

ip-address

Enter the keyword host then the IP address to specify a host IP address.

dscp Enter this keyword dscp to deny a packet based on the DSCP value. The range is

from 0 to 63.

bit

Enter a flag or combination of bits:

● ack: acknowledgement field

● fin: finish (no more data from the user)

● psh: push function

● rst: reset the connection

● syn: synchronize sequence numbers

● urg: urgent field

operator (OPTIONAL) Enter one of the following logical operand:

● eq = equal to

● neq = not equal to

● gt = greater than

● lt = less than

● range = inclusive range of ports (you must specify two ports for the port

command)

port port

Enter the application layer port number. Enter two port numbers if using the range

logical operand. The range is from 0 to 65535.

The following list includes some common TCP port numbers:

● 23 = Telnet

● 20 and 21 = FTP

● 25 = SMTP

● 169 = SNMP

destination

Enter the IP address of the network or host to which the packets are sent.

mask

Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified

in A.B.C.D format, may be either contiguous or non-contiguous.

count (OPTIONAL) Enter the keyword count to count packets the filter processes.

byte (OPTIONAL) Enter the keyword byte to count bytes the filter processes.

order (OPTIONAL) Enter the keyword order to specify the QoS priority for the ACL

entry. The range is from 0 to 254 (where 0 is the highest priority and 254 is the

lowest; lower-order numbers have a higher priority) If you did not use the keyword

order, the ACLs have the lowest order by default (255).

fragments Enter the keyword fragments to use ACLs to control packet fragments.

monitor (OPTIONAL) Enter the keyword monitor then the session–ID to describe the

traffic that you want to monitor and the ACL in which you are creating the rule is

applied to the monitored interface. The session–ID range is from 0 to 65535. For

more information, see Flow-based Monitoring in the Port Monitoring section in the

Dell Networking OS Configuration Guide.

no-drop Enter the keywords no-drop to match only the forwarded packets.

Defaults Not configured.

Command Modes CONFIGURATION-EXTENDED-ACCESS-LIST

Command

History

This guide is platform-specific. For command information about other platforms, see the relevant Dell

Networking OS Command Line Reference Guide.

Access Control Lists (ACL) 179