R3204P16-HP Load Balancing Module Security Command Reference-6PW101
12
Parameters Function Descri
p
tion
{ ack ack-value | fin
fin-value | psh
psh-value | rst
rst-value | syn
syn-value | urg
urg-value } *
Specifies one or
more TCP flags
including ACK, FIN,
PSH, RST, SYN, and
URG
Parameters specific to TCP.
The value for each argument can be 0 (flag bit not set) or 1
(flag bit set).
The TCP flags in a rule are ORed. For example, a rule
configured with ack 1 psh 0 matches packets that have the
ACK flag bit set and packets that have the PSH flag bit not set.
established
Specifies the flags for
indicating the
established status of
a TCP connection
Parameter specific to TCP.
The rule matches TCP connection packets with the ACK or RST
flag bit set.
If the protocol argument takes icmp (1), you can set the parameters shown in Table 6.
Table 6 ICMP-specific parameters for IPv4 advanced ACL rules
Parameters Function
Descri
p
tion
icmp-type { icmp-type [ icmp-code ]
| icmp-message }
Specifies the ICMP message type
and code
The icmp-type argument ranges
from 0 to 255.
The icmp-code argument ranges
from 0 to 255.
The icmp-message argument
specifies a message name.
Supported ICMP message names
and their corresponding type and
code values are listed in Table 7.
Table 7 ICMP message names supported in IPv4 advanced ACL rules
ICMP messa
g
e name ICMP messa
g
e t
yp
e
ICMP messa
g
e code
echo 8 0
echo-reply 0 0
fragmentneed-DFset 3 4
host-redirect 5 1
host-tos-redirect 5 3
host-unreachable 3 1
information-reply 16 0
information-request 15 0
net-redirect 5 0
net-tos-redirect 5 2
net-unreachable 3 0
parameter-problem 12 0
port-unreachable 3 3
protocol-unreachable 3 2
reassembly-timeout 11 1