Set security acl – 3Com WXR100 3CRWXR10095A User Manual
Page 600
600
C
HAPTER
14: S
ECURITY
ACL C
OMMANDS
Examples — The following commands show the edit buffer before a
rollback, clear any changes in the edit buffer to security acl_122, and
show the edit buffer after the rollback:
WX4400# display security acl info all editbuffer
ACL edit-buffer information for all
set security acl ip acl_122 (ACEs 3, add 3, del 0, modified 0)
---------------------------------------------------------
1. permit IP source IP 20.0.1.11 0.0.0.255 destination IP any enable-hits
2. deny IP source IP 20.0.2.11 0.0.0.0 destination IP any
3. deny SRC source IP 192.168.1.234 255.255.255.255 enable-hits
WX4400# rollback security acl acl_122
WX4400# display security acl info all editbuffer
ACL edit-buffer information for all
See Also
display security acl on page 590
set security acl
In the edit buffer, creates a security access control list (ACL), adds one
access control entry (ACE) to a security ACL, and/or reorders ACEs in the
ACL. The ACEs in an ACL filter IP packets by source IP address, a Layer 4
protocol, or IP, ICMP, TCP, or UDP packet information.
By source address
Syntax —
set
security
acl
ip
acl-name
{permit
[cos
cos]
|
deny
}
source-ip-addr mask
[before
editbuffer-index
|
modify
editbuffer-index
] [hits]
By Layer 4 protocol
Syntax —
set
security
acl
ip
acl-name
{permit
[cos
cos] |
deny
}
protocol-number
{source-ip-addr
mask
destination-ip-addr
mask}
[precedence precedence]
[tos tos] [before
editbuffer-index
|
modify
editbuffer-index
] [hits]
By IP packets
Syntax —
set
security
acl
ip
acl-name
{permit
[cos
cos]
|
deny
}
ip
{source-ip-addr
mask
destination-ip-addr
mask} [precedence
precedence] [tos
tos] [before
editbuffer-index
|
modify
editbuffer-index
] [hits]