H3C S7500 Series Ethernet Switches Operation Manual

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

671

672

673

674

675

676

677

678

679

680

Operation Manual – ACL

H3C S7500 Series Ethernet Switches Chapter 1

ACL Configuration

1-13

Parameter Type Function Remarks

established

“TCP

connection

established”

flag

Specifies that the

rule is applicable

only to the first

SYN segment for

establishing a

TCP connection

TCP-specific argument

 Note:

Only Type A LPUs support the “range” operation on the TCP/UDP port.

If the protocol type is ICMP, you can also define the following information:

Table 1-11 ICMP-specific rule information

Parameter Type Function Remarks

icmp-type

icmp-code

Type and message

code information

of ICMP packets

Specifies the type

and message code

information of

ICMP packets in

the ACL rule

icmp-type: ICMP

message type,

ranging 0 to 255

icmp-code: ICMP

message code,

ranging 0 to 255

If the protocol type is ICMP, you can also directly input the ICMP message name after

the icmp-type argument. The following table describes some common ICMP

messages.

Table 1-12 ICMP messages

Name ICMP TYPE ICMP CODE

echo Type=8 Code=0

echo-reply Type=0 Code=0

fragmentneed-DFset Type=3 Code=4

host-redirect Type=5 Code=1

host-tos-redirect Type=5 Code=3

host-unreachable Type=3 Code=1

information-reply Type=16 Code=0

information-request Type=15 Code=0

net-redirect Type=5 Code=0

net-tos-redirect Type=5 Code=2