Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual



53-1003098-01


Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point, Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade Mobility 1240 Access Point

Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade Mobility RFS7000

Service Platforms — Brocade Mobility RFS9510

Syntax:

insert [deny|permit] <PARAMETERS> (log,mark [8021p <0-7>|dscp <0-63>], rule-precedence <1-5000>) {(rule-description <LINE>)}

Parameters

insert [deny|permit] <PARAMETERS> (log,mark [8021p <0-7>|dscp <0-63>], rule-precedence <1-5000>) {(rule-description <LINE>)}

[deny|permit]
    Inserts a deny or a permit rule within an IP ACL

<PARAMETERS>
    Provide the match criteria for this deny/permit rule. Packets will be filtered based on the criteria set here.
    For more information on the deny rule, see deny.
    For more information on the permit rule, see permit.

log
    After specifying the match criteria, specify the action taken for filtered packets.
    Logs all deny/permit events matching this entry. If a source and/or destination IP address is matched, an event is logged.

mark [8021p <0-7>|dscp <0-63>]
    Specifies packets to mark
    8021p <0-7> – Marks packets by modifying 802.1p VLAN user priority
    dscp <0-63> – Marks packets by modifying DSCP TOS bits in the header

rule-precedence <1-5000> rule-description <LINE>
    Assigns a precedence for this deny/permit rule
    <1-5000> – Specify a value from 1 - 5000.
    The lower the precedence value, the higher the priority. A rule with precedence 3 gets priority over a rule with precedence 10.
    rule-description – Optional. Configures a description for this new rule. Provide a description that uniquely identifies the purpose of this rule (should not exceed 128 characters in length).

Example

rfs4000-229D58(config-ip-acl-test)#deny tcp from-vlan 1 any any rule-precedence 1
rfs4000-229D58(config-ip-acl-test)#permit icmp any host 192.168.13.7 1 1 rule-precedence 2
rfs4000-229D58(config-ip-acl-test)#show context
ip access-list test
 deny tcp from-vlan 1 any any rule-precedence 1
 permit icmp any host 192.168.13.7 1 1 rule-precedence 2
rfs4000-229D58(config-ip-acl-test)#

NOTE

The log option is functional only for router ACLs. The log option displays an informational logging message, sent to the console, about the packet that matches the entry.
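An added example (not from the Brocade guide): a small Python linter that checks ACL rule lines against the option ranges documented above and returns them in priority order, lowest rule-precedence first. The function names, the router_acl flag and the third sample rule are assumptions made for illustration; the match criteria (<PARAMETERS>) are not interpreted.

```python
# Limits are the ranges given in the parameter descriptions above.
LIMITS = {"rule-precedence": (1, 5000), "8021p": (0, 7), "dscp": (0, 63)}
MAX_DESCRIPTION = 128

def parse_rule(line):
    """Parse the action and trailing options of one rule line."""
    body, _, desc = line.strip().partition(" rule-description ")
    tok = body.split()
    tok = tok[1:] if tok[:1] == ["insert"] else tok
    if not tok or tok[0] not in ("deny", "permit"):
        raise ValueError("rule must start with deny or permit")
    rule = {"action": tok[0], "text": " ".join(tok), "log": "log" in tok[1:],
            "mark": None, "precedence": None, "description": desc or None}
    for i, t in enumerate(tok):
        if t == "rule-precedence" and i + 1 < len(tok):
            rule["precedence"] = int(tok[i + 1])
        elif t == "mark" and i + 2 < len(tok) and tok[i + 1] in ("8021p", "dscp"):
            rule["mark"] = (tok[i + 1], int(tok[i + 2]))
    return rule

def lint(lines, router_acl=True):
    """Return (rules in priority order, findings) for the given rule lines."""
    rules, findings = [], []
    for n, line in enumerate(lines, 1):
        try:
            r = parse_rule(line)
        except ValueError as exc:
            findings.append(f"line {n}: {exc}")
            continue
        checks = [("rule-precedence", r["precedence"])] + ([r["mark"]] if r["mark"] else [])
        for name, val in checks:
            lo, hi = LIMITS[name]
            if val is None or not lo <= val <= hi:
                findings.append(f"line {n}: {name} must be {lo}-{hi}")
        if r["description"] and len(r["description"]) > MAX_DESCRIPTION:
            findings.append(f"line {n}: rule-description exceeds {MAX_DESCRIPTION} characters")
        if r["log"] and not router_acl:
            findings.append(f"line {n}: log is functional only for router ACLs")
        rules.append(r)
    # Lower precedence value = higher priority; rules lacking one sort last.
    rules.sort(key=lambda r: r["precedence"] if r["precedence"] is not None else 5001)
    return rules, findings

# Constructed sample: the two rules from the Example above plus one invalid rule.
SAMPLE = [
    "permit icmp any host 192.168.13.7 1 1 rule-precedence 2",
    "deny tcp from-vlan 1 any any rule-precedence 1",
    "permit ip any any log mark dscp 64 rule-precedence 6000",
]
```

Calling lint(SAMPLE, router_acl=False) lists the deny rule first and reports three findings, all on the third line.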
