Manualshelf

R3204P16-HP Load Balancing Module Security Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
11121314151617181920
10
[ icmp-code ] | icmp-message } | logging | precedence precedence | reflective | source { sour-addr
sour-wildcard | any } | source-port operator port1 [ port2 ] | time-range time-range-name | tos tos ] *
undo rule rule-id [ { { ack | fin | psh | rst | syn | urg } * | established } | counting | destination |
destination-port | dscp | fragment | icmp-type | logging | precedence | reflective | source |
source-port | time-range | tos ] *
View
IPv4 advanced ACL view
Default level
2: System level
Parameters
rule-id: Specifies a rule ID, which ranges from 0 to 65534. If no rule ID is provided when you create an
ACL rule, the system automatically assigns it a rule ID. This rule ID takes the nearest higher multiple of the
numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is
5 and the current highest rule ID is 28, the rule is numbered 30.
deny: Denies matching packets.
permit: Allows matching packets to pass.
protocol: Protocol carried by IPv4. It can be a number in the range 0 to 255, or in words, gre (47), icmp
(1) , igmp (2), ip, ipinip (4), ospf (89), tcp (6), or udp (17) . Table 4 de
scribes the parameters that you can
specify regardless of the value that the protocol argument takes.
Table 4 Match criteria and other rule information for IPv4 advanced ACL rules
Parameters Function
Descri
p
tion
source { sour-addr
sour-wildcard | any }
Specifies a source address
The sour-addr sour-wildcard arguments represent a
source IP address and wildcard mask in dotted
decimal notation. An all-zero wildcard specifies a
host address.
The any keyword specifies any source IP address.
destination { dest-addr
dest-wildcard | any }
Specifies a destination
address
The dest-addr dest-wildcard arguments represent a
destination IP address and wildcard mask in dotted
decimal notation. An all-zero wildcard specifies a
host address.
The any keyword represents any destination IP
address.
counting
Counts the number of times
the IPv4 ACL rule has been
matched
precedence precedence
Specifies an IP precedence
value
The precedence argument can be a number in the
range 0 to 7, or in words, routine (0), priority (1),
immediate (2), flash (3), flash-override (4), critical
(5), internet (6), or network (7).
tos tos Specifies a ToS preference
The tos argument can be a number in the range 0 to
15, or in words, max-reliability (2),
max-throughput (4), min-delay (8),
min-monetary-cost (1), or normal (0).