Specifications
set security acl
Chapter 14
Security ACL Commands
466
The following command creates acl_125 by defining an ACE that denies TCP
packets from source IP address 192.168.0.1 to destination IP address 192.168.0.2
for established sessions only, and counts the hits:
PROMPT# set security acl ip acl_125 deny tcp 192.168.0.1 0.0.0.0 192.168.0.2 0.0.0.0 established hits
The following command adds an ACE to acl_125 that denies TCP packets from
source IP address 192.168.1.1 to destination IP address 192.168.1.2, on
destination port 80 only, and counts the hits:
PROMPT# set security acl ip acl_125 deny tcp 192.168.1.1 0.0.0.0 192.168.1.2 0.0.0.0 eq 80 hits
Finally, the following command commits the security ACLs in the edit buffer to
the configuration:
PROMPT# commit security acl all
configuration accepted
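To check what the two ACEs above do and do not match before committing them, the following added example (not part of this manual or the product) parses the command lines and evaluates constructed packets against them. It assumes the 0.0.0.0 fields are wildcard masks (0 bits must match), that ACEs are evaluated in order with the first match winning, and that "established" means a TCP segment with ACK or RST set; parse_ace and evaluate are hypothetical helper names.

```python
import ipaddress

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def parse_ace(line):
    """Parse one 'set security acl ip ...' command into a dict."""
    t = line.split()
    if t[:4] != ["set", "security", "acl", "ip"] or len(t) < 11:
        raise ValueError("not a complete 'set security acl ip' command")
    ace = {"acl": t[4], "action": t[5], "proto": t[6],
           "src": _ip(t[7]), "smask": _ip(t[8]), "dst": _ip(t[9]),
           "dmask": _ip(t[10]), "dport": None, "established": False,
           "count": False, "hits": 0}
    opts = iter(t[11:])
    for opt in opts:
        if opt == "eq":
            ace["dport"] = int(next(opts))
        elif opt == "established":
            ace["established"] = True
        elif opt == "hits":
            ace["count"] = True
        else:
            raise ValueError("unsupported option: " + opt)
    return ace

def _wild(addr, base, mask):
    # Assumption: wildcard mask, 0 bits must match, 1 bits are ignored.
    care = ~mask & 0xFFFFFFFF
    return (_ip(addr) & care) == (base & care)

def evaluate(aces, pkt):
    """Return the action of the first matching ACE (assumed order), else None."""
    for a in aces:
        if (pkt["proto"] == a["proto"]
                and _wild(pkt["src"], a["src"], a["smask"])
                and _wild(pkt["dst"], a["dst"], a["dmask"])
                and (a["dport"] is None or pkt["dport"] == a["dport"])
                # Assumption: "established" = TCP segment with ACK or RST set.
                and (not a["established"] or pkt["flags"] & {"ACK", "RST"})):
            a["hits"] += a["count"]  # counted only when 'hits' was given
            return a["action"]
    return None

# The two ACEs from this page; the packets below are constructed samples.
ACL = [parse_ace("set security acl ip acl_125 deny tcp 192.168.0.1 0.0.0.0 192.168.0.2 0.0.0.0 established hits"),
       parse_ace("set security acl ip acl_125 deny tcp 192.168.1.1 0.0.0.0 192.168.1.2 0.0.0.0 eq 80 hits")]

if __name__ == "__main__":
    syn = {"proto": "tcp", "src": "192.168.0.1", "dst": "192.168.0.2", "dport": 22, "flags": {"SYN"}}
    print(evaluate(ACL, syn), evaluate(ACL, dict(syn, flags={"ACK"})), [a["hits"] for a in ACL])
```

A result of None means neither ACE on this page matched the packet. Under the stated assumptions, the first ACE does not match a bare SYN, so it leaves new connection attempts between the two hosts to whatever rule follows.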
See Also
• clear security acl on page 454
• commit security acl on page 458
• show security acl on page 470