R3303-HP 6600/HSR6600 Routers ACL and QoS Command Reference
20
Parameters Function Descri
p
tion
destination-port
operator port1
[ port2 ]
Specifies one or
more UDP or TCP
destination ports.
UDP port numbers can be represented as: biff (512), bootpc (68),
bootps (67), discard (9), dns (53), dnsix (90), echo (7), mobilip-ag
(434), mobilip-mn (435), nameserver (42), netbios-dgm (138),
netbios-ns (137), netbios-ssn (139), ntp (123), rip (520), snmp
(161), snmptrap (162), sunrpc (111), syslog (514), tacacs-ds (65),
talk (517), tftp (69), time (37), who (513), and xdmcp (177).
{ ack ack-value
| fin fin-value |
psh psh-value |
rst rst-value |
syn syn-value |
urg urg-value }
*
Specifies one or
more TCP flags
including ACK,
FIN, PSH, RST,
SYN, and URG.
Parameters specific to TCP.
The value for each argument can be 0 (flag bit not set) or 1 (flag bit
set).
established
Specifies the flags
for indicating the
established status
of a TCP
connection.
Parameter specific to TCP.
The rule matches TCP connection packets with the ACK or RST flag bit
set.
If the protocol argument takes icmp (1), set the parameters shown in Table 8.
Table 8 ICMP-specific parameters for IPv4 advanced ACL rules
Parameters Function Descri
p
tion
icmp-type { icmp-type
[ icmp-code ] |
icmp-message }
Specifies the ICMP
message type and
code.
The icmp-type argument is in the range of 0 to 255.
The icmp-code argument is in the range of 0 to 255.
The icmp-message argument specifies a message name.
Supported ICMP message names and their corresponding
type and code values are listed in Table 9.
Table 9 ICMP message names supported in IPv4 advanced ACL rules
ICMP messa
g
e name ICMP messa
g
e t
yp
e
ICMP messa
g
e code
echo 8 0
echo-reply 0 0
fragmentneed-DFset 3 4
host-redirect 5 1
host-tos-redirect 5 3
host-unreachable 3 1
information-reply 16 0
information-request 15 0
net-redirect 5 0
net-tos-redirect 5 2
net-unreachable 3 0
parameter-problem 12 0