Permit – Brocade Communications Systems RFS6000 User Manual

Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide

463

53-1001931-01

Extended ACL config commands

14

permit

Extended ACL config commands

Permits specific packets.

NOTE

ACLs do not allow DHCP messages to flow by default. Configure an Access Control Entry (ACE) to
allow DHCP messages to flow through.

RFController(config-ext-nacl)#permit ip xxx.xxx.xxx.xxx/x 192.168.2.0/24

RFController(config-ext-nacl)#permit ip any host xxx.xxx.xxx.xxx

RFController(config-ext-nacl)#

Supported in the following platforms:

•

Mobility RFS4000 Controller

•

Mobility RFS6000 Controller

•

Mobility RFS7000 Controller

Syntax

permit

[icmp|ip|tcp|upd|proto]

permit icmp

[<source-IP/Mask>|any|host <ip>] [<dest-IP/Mask>|any|host <IP>]

{<ICMP-type> {<ICMP-code>}} {log} {rule-precedence <1-5000>]}

permit ip

[<source-IP/Mask>|any|host <IP>] [<dest-IP/mask>|any|host <IP>]

{log} {rule-precedence <1-5000>}

permit [tcp|udp]

[<source-ip/mask>|any|host <IP>]

{eq <source-port>|range

<starting-source-port> <ending-source-port>} [<dest-IP/Mask|any|host <IP>] {eq

<source-port>} {range <starting-source-port> <ending-source-port>} {log}

{rule-precedence <1-5000>}

permit proto

[<1-254>|WORD|eigrp|gre|igmp|igp|ospf|vrrp]

[<source-IP/Mask>|any|host <IP>][<dest-IP/Mask>|any|host <IP>]

{log} {rule-description<WORD>|rule-precedence<1-5000>}