Dell PowerEdge VRTX User Manual

734

ACL Commands

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Plasma-ARC

2+3\new_system_mifs_ARC2_latest\ACL.fm

D E L L C O N F ID E N T IA L – P R E L IM I N A RY 4 / 3 /1 4 - FO R P R O O F O N LY

•

destination-prefix/length

—The destination IPv6 network or class of

networks about which to set permit conditions. This argument must be in

the form documented in RFC 3513 where the address is specified in

hexadecimal using 16-bit values between colons.

• dscp

number

—Specifies the DSCP value. (Range: 0–63)

•

precedence

number

—Specifies the IP precedence value.

•

icmp-type

—Specifies an ICMP message type for filtering ICMP packets.

Enter a number or one of the following values: destination-unreachable

(1), packet-too-big (2), time-exceeded (3), parameter-problem (4), echo-

request (128), echo-reply (129), mld-query (130), mld-report (131),

mldv2-report (143), mld-done (132), router-solicitation (133), router-

advertisement (134), nd-ns (135), nd-na (136). (Range: 0–255)

•

icmp-code

—Specifies an ICMP message code for filtering ICMP packets.

(Range: 0–255)

•

destination-port

—Specifies the UDP/TCP destination port. You can enter

a range of ports by using a hyphen. E.g. 20 - 21. For TCP enter a number or

one of the following values: bgp (179), chargen (19), daytime (13), discard

(9), domain (53), drip (3949), echo (7), finger (79), ftp (21), ftp-data (20),

gopher (70), hostname (42), irc (194), klogin (543), kshell (544), lpd (515),

nntp (119), pop2 (109), pop3 (110), smtp (25), sunrpc (1110, syslog (514),

tacacs-ds (49), talk (517), telnet (23), time (37), uucp (117), whois (43),

www (80). For UDP enter a number or one of the following values: biff

(512), bootpc (68), bootps (67), discard (9), dnsix (90), domain (53), echo

(7), mobile-ip (434), nameserver (42), netbios-dgm (138), netbios-ns

(137), non500-isakmp (4500), ntp (123), rip (520), snmp (161), snmptrap

(162), sunrpc (111), syslog (514), tacacs (49), talk (517), tftp (69), time

(37), who (513), xdmcp (177). (Range: 0–65535)

•

source-port

—Specifies the UDP/TCP source port. Predefined port names

are defined in the destination-port parameter. (Range: 0–65535)

•

match-all

list-of-flag

—List of TCP flags that should occur. If a flag should

be set it is prefixed by “+”.If a flag should be unset it is prefixed by “-”.

Available options are +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack, -psh,

-rst, -syn and -fin. The flags are concatenated to a one string. For example:

+fin-ack.

• time-range-name—Name of the time range that applies to this permit

statement. (Range: 1–32)