PLANET WGSW-50040 User Manual

Commands for Security Function Chapter 6 Commands for TACACS+

<tos>, to value, 0-15;

<sPort>, source port No., 0-65535;

<sPortMin>, the down boundary of source port;

<sPortMax>, the up boundary of source port;

<dPortMin>, the down boundary of destination port;

<dPortMax>, the up boundary of destination port;

<dPort>, destination port No., 0-65535;

<time-range-name>, the name of time-range.

Command Mode:

Global mode

Default:

No access-lists configured.

Usage Guide:

When the user assign specific <num> for the first time, ACL of the serial number is created, then

the lists are added into this ACL; the access list which marked 200-299 can configure not continual

reverse mask of IP address.

<igmp-type> represent the type of IGMP packet, and usual values please refer to the following

description:

17(0x11): IGMP QUERY packet

18(0x12): IGMP V1 REPORT packet

22(0x16): IGMP V2 REPORT packet

23(0x17): IGMP V2 LEAVE packet

34(0x22): IGMP V3 REPORT packet

19(0x13): DVMR packet

20(0x14): PIM V1 packet

Particular notice:

The packet types included here are not the types excluding IP OPTION. Normally, IGMP packet

contains OPTION fields, and such configuration is of no use for this type of packet. If you want to

configure the packets containing OPTION, please directly use the manner where OFFSET is

configured.

Examples:

Create the numeric extended access-list whose serial No. is 110. deny icmp packet to pass, and

permit udp packet with destination address 192. 168. 0. 1 and destination port 32 to pass.

Switch(config)#access-list 110 deny icmp any any-destination

Switch(config)#access-list 110 permit udp any host-destination 192.168.0.1 d-port 32