Lucent Technologies 6000 User Manual

Page 416

Advertising
background image

9-52

MAX 6000/3000 Network Configuration Guide

Configuring IP Routing
Configuring WAN interfaces

Note:

A filter definition cannot contain new lines. The syntax is shown here on multiple lines

for printing purposes only.

Keyword or argument Description

iptos

Specifies an IP filter.

dir

Specifies filter direction. You can specify

in

(to filter packets com-

ing into the MAX) or

out

(to filter packets going out of the MAX).

dstip

n.n.n.n/nn

If the

dstip

keyword is followed by a valid IP address, the TOS

filter sets bytes only in packets with that destination address. If a
subnet mask portion of the address is present, the MAX compares
only the masked bits. If the

dstip

keyword is followed by the zero

address (0.0.0.0), or if this keyword and its IP address specification
are not present, the filter matches all IP packets.

srcip

n.n.n.n/nn

If the

srcip

keyword is followed by a valid IP address, the TOS

filter sets bytes only in packets with that source address. If a subnet
mask portion of the address is present, the MAX compares only the
masked bits. If the

srcip

keyword is followed by the zero address

(0.0.0.0), or if this keyword and its IP address specification are not
present, the filter matches all IP packets.

proto

Specifies a TCP/IP protocol number. A value of zero matches all
protocols. If you specify a nonzero number, the MAX compares it
to the Protocol field in packets. For a complete list of protocol num-
bers, see RFC 1700.

dstport

cmp value

If the

dstport

keyword is followed by a comparison symbol and a

port, the MAX compares the specified port to the destination port
of a packet. The comparison symbol can be < (less-than), = (equal),
> (greater-than), or != (not-equal). The port value can be one of the
following names or numbers: ftp-data (20), ftp (21), telnet (23),
smtp (25), nameserver (42), domain (53), tftp (69), gopher (70),
finger (79), www (80), kerberos (88), hostname (101), nntp (119),
ntp (123), exec (512), login (513), cmd (514), or talk (517).

srcport

cmp value If the srcport keyword is followed by a comparison symbol and

a port name or number, the MAX compares the specified port to the
source port of a packet. The comparison symbol can be <
(less-than), = (equal), > (greater-than), or != (not-equal). The port
value can be one of the following names or numbers: ftp-data (20),
ftp (21), telnet (23), smtp (25), nameserver (42), domain (53), tftp
(69), gopher (70), finger (79), www (80), kerberos (88), hostname
(101), nntp (119), ntp (123), exec (512), login (513), cmd (514), or
talk (517).

Advertising
This manual is related to the following products:

3000

Popular Brands
Popular manuals