3Com Switch 4200G Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

206 CHAPTER 26: ACL CONFIGURATION

If the protocol type is TCP or UDP, you can also define the following information:

If the protocol type is ICMP, you can also define the following information:

destination

{ dest-addr

dest-wildcard | any }

Destination

address

information

Specifies the

destination address

information in the

rule

dest-addr dest-wildcard is used to

specify the destination address of

the packet, expressed in dotted

decimal notation

any represents any destination

address

precedence

precedence

Packet

precedence

Packet priority Value range: 0 to 7

tos tos Packet

precedence

ToS priority Value range: 0 to 15

dscp dscp Packet

precedence

DSCP priority Value range: 0 to 63

fragment Fragment

information

Specifies that the

rule is effective for

non-initial fragment

packets

-

time-range

time-name

Time range

information

Specifies the time

range in which the

rule is active

-

Table 176 TCP/UDP-specific rule information

Parameter Type Function Description

source-port operator

port1 [ port2 ]

Source port(s) Defines the source

port information of

UDP/TCP packets

The value of operator can be lt

(less than), gt (greater than), eq

(equal to), neq (not equal to) or

range (within the range of) Only

the “range” operator requires

two port numbers as the

operands, and other operators

require only one port number as

the operand

port1 and port2: TCP/UDP port

number(s), expressed with

name(s) or numerals; when

expressed with numerals, the

value range is 0 to 65,535

destination-port

operator port1 [

port2 ]

Destination

port(s)

Defines the

destination port

information of

UDP/TCP packets

established “TCP

connection

established”

flag

Specifies that the

rule will match TCP

connection packets

with the ack or rst

flag

TCP-specific argument

Table 177 ICMP-specific rule information

Parameter Type Function Description

icmp-type icmp-type

icmp-code

Type and

message code

information of

ICMP packets

Specifies the type

and message code

information of

ICMP packets in the

rule

icmp-type: ICMP message type,

ranging 0 to 255

icmp-code: ICMP message code,

ranging 0 to 255

Table 175 Rule information (Continued)

Parameter Type Function Description