2 acl profile delete command – ZyXEL Communications IES-708-22A User Manual

Page 370

Advertising
background image

Chapter 55 ACL Commands

IES-708-22A User’s Guide

370

• vlan < vid > dmac <mac>
• smac < mac > dmac <mac>
• vlan < vid > priority <priority>
• etype <etype>
• vlan <vid>
• smac <mac>
• dmac <mac>
• priority <priority>
• protocol <protocol>
• srcip <ip>/<mask> [dstip <ip>/<mask> [tos <stos> <etos>

[srcport <sport> <eport> [dstport <sport> <eport>]]]]

where

etype <etype>

= Ethernet type (0~65535).

vlan <vid>

= VLAN ID (1~4094).

smac <mac>

= Source MAC address.

dmac <mac>

= Destination MAC address.

priority

<

priority

> = Priority (0 ~ 7)

protocol

<

protocol

> = Protocol type:

tcp

,

udp

,

ospf

,

igmp

,

ip

,

gre

,

icmp

or user

specified IP protocol number <0 ~ 255>.

srcip <ip>/<mask>

= Source IP address and subnet mask (0~32).

dstip <ip>/<mask>

= Destination IP address and subnet mask (0~32).

tos <stos> <etos>

= Sets the ToS (Type of Service) range between 0 and 255.

srcport <sport> <eport>

= Source port range (0~65535).

dstport <sport> <eport>

= Destination port range (0~65535).

The following guidelines apply to classifiers.

• You can apply one classifier for a protocol on a port’s PVC.
• You cannot create a classifier that contains matching criteria for layer 2 and layer 3 fields.

For example

switch acl profile set test protocol tcp vlan 15 deny

is

not allowed as protocol type and VLAN do not belong to the same network layer.

• Each type of criteria can only be used once in a classifier. For example,

profile acl

set test protocol tcp protocol udp deny

is not allowed. For this example,

you need to create a separate classifier for each protocol and apply them to the same
PVC(s).

The following example creates an ACL rule example named

test

for traffic from VLAN 10

with a priority level of 2. This rule limits the rate on the classified traffic to 1000 kbps and
changes the priority level to 7.

55.1.2 ACL Profile Delete Command

Syntax:

ras> switch acl profile delete <profile>

ras> switch acl profile set test vlan 10 priority 2 rate 1000 rpri 7

Advertising
Popular Brands
Popular manuals