Manualshelf

3Com Switch 8800 Family IPsec Module Configuration and Command reference Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module
71727374757677787980
74 CHAPTER 5: ACL CONFIGURATION
The user can add appropriate access rules by configuring firewall. IP packets
passing the security gateway will be checked through packet filtering and the
packets that the user does not want them to pass the security gateway will be
ruled out. Thus, network security is protected.
Interface-Based ACL Interface-based ACL is a kind of special ACL, which specifies rules according to
packet-receiving interface.
An interface-based ACL can be created and interface-based ACL view be entered
by the previously mentioned ACL command. In interface-based ACL view, the
rules of interface-based ACL can be created.
The following command can be used to define an interface-based ACL rule:
rule [ rule-id ] { permit | deny } interface { interface-type interface-number | any
} [ time-range time-name ] [ logging ]
Parameter description:
rule-id: Optional, number of ACL rule, ranging from 0 to 65,534. After the
number is specified, if the ACL rule related to the number has existed, the new
rule will overwrite the old one, just as editing an existing ACL rule. If you want
to edit an existing ACL rule, you are recommended to delete the existing rule
and then create a new one. Otherwise, the edited rule may not be the
expected ACL rule. If the ACL rule related to the number does not exist, use the
Tabl e 60 Mnemonics of ICMP packet type
Mnemonic Meaning
echo
echo-reply
fragmentneed-DFset
host-redirect
host-tos-redirect
host-unreachable
information-reply
information-request
net-redirect
net-tos-redirect
net-unreachable
parameter-problem
port-unreachable
protocol-unreachable
reassembly-timeout
source-quench
source-route-failed
timestamp-reply
timestamp-request
ttl-exceeded
Type=8, Code=0
Type=0, Code=0
Type=3, Code=4
Type=5, Code=1
Type=5, Code=3
Type=3, Code=1
Type=16,Code=0
Type=15,Code=0
Type=5, Code=0
Type=5, Code=2
Type=3, Code=0
Type=12,Code=0
Type=3, Code=3
Type=3, Code=2
Type=11,Code=1
Type=4, Code=0
Type=3, Code=5
Type=14,Code=0
Type=13,Code=0
Type=11,Code=0