3Com WXR100 3CRWXR10095A User Manual
Page 601
set security acl
601
By ICMP packets
Syntax —
set security acl ip
acl-name
{permit
[cos
cos] |
deny
}
icmp
{source-ip-addr
mask
destination-ip-addr
mask
[type
icmp-type] [code
icmp-code] [precedence
precedence ] [tos
tos]
[before
editbuffer-index
|
modify
editbuffer-index
] [hits]
By TCP packets
Syntax —
set
security
acl
ip
acl-name
{permit
[cos
cos] |deny}
tcp
{source-ip-addr
mask
[operator
port
[port2
]]
destination-ip-addr
mask
[operator
port
[port2
]]}
[precedence
precedence] [tos
tos] [established] [before
editbuffer-index
|
modify
editbuffer-index
] [hits]
By UDP packets
Syntax —
set
security
acl
ip
acl-name
{permit
[cos cos]
|
deny
}
udp
{source-ip-addr
mask
[operator port
[port2]]
destination-ip-addr
mask
[operator port
[port2]]}
[precedence
precedence]
[tos
tos]
[before
editbuffer-index
|
modify
editbuffer-index
]
[hits]
acl-name
— Security ACL name. ACL names must be unique within
the WX switch, must start with a letter, and are case-insensitive.
Specify an ACL name of up to 32 of the following characters:
Letters a through z and A through Z
Numbers 0 through 9
Hyphen (-), underscore (_), and period (.)
3Com recommends that you do not use the same name with different
capitalizations for ACLs. For example, do not configure two separate
ACLs with the names acl_123 and ACL_123.
In an ACL name, do not include the term all, default-action, map,
help, or editbuffer.
permit
— Allows traffic that matches the conditions in the ACE.
cos
cos
— For permitted packets, a class-of-service (CoS) level for
packet handling. Specify a value from 0 through 7:
1 or 2—Background. Packets are queued in MAP forwarding
queue 4.