PLANET WGSW-50040 User Manual
Page 319
Commands for Security Function Chapter 6 Commands for TACACS+
{host-source-mac<host_smac>}|{<smac><smac-mask>}}
{any-destination-mac|{host-destination-mac <host_dmac>}|{<dmac><dmac-mask>}}icmp
{{<source><source-wildcard>}|any-source|{host-source<source-host-ip>}}
{{<destination><destination-wildcard>}|any-destination|
{host-destination<destination-host-ip>}}[<icmp-type> [<icmp-code>]] [precedence
<precedence>] [tos <tos>][time-range<time-range-name>]
access-list<num>{deny|permit}{any-source-mac|
{host-source-mac<host_smac>}|{<smac><smac-mask>}}
{any-destination-mac|{host-destination-mac <host_dmac>}|{<dmac><dmac-mask>}}igmp
{{<source><source-wildcard>}|any-source|{host-source<source-host-ip>}}
{{<destination><destination-wildcard>}|any-destination|
{host-destination<destination-host-ip>}} [<igmp-type>] [precedence <precedence>] [tos
<tos>][time-range<time-range-name>]
access-list <num> {deny|permit}{any-source-mac| {host-source-mac
<host_smac> }|{ <smac> <smac-mask> }}{any-destination-mac| {host-destination-mac
<host_dmac> }|{ <dmac> <dmac-mask> }}tcp {{ <source> <source-wildcard> }|any-source|
{host-source <source-host-ip> }}[s-port{ <port1> | range <sPortMin> <sPortMax> }]
{{ <destination> <destination-wildcard> } | any-destination | {host-destination
<destination-host-ip> }} [d-port { <port3> | range <dPortMin> <dPortMax> }]
[ack+fin+psh+rst+urg+syn] [precedence <precedence> ] [tos <tos> ] [time-range
<time-range-name> ]
access-list <num> {deny|permit}{any-source-mac| {host-source-mac
<host_smac> }|{ <smac> <smac-mask> }}{any-destination-mac| {host-destination-mac
<host_dmac> }|{ <dmac> <dmac-mask> }}udp {{ <source> <source-wildcard> }|any-source|
{host-source <source-host-ip> }}[s-port{ <port1> | range <sPortMin> <sPortMax> }]
{{ <destination> <destination-wildcard> }|any-destination| {host-destination
<destination-host-ip> }}[d-port{ <port3> | range <dPortMin> <dPortMax> }]
[precedence <precedence> ] [tos <tos> ][time-range <time-range-name> ]
access-list <num> {deny|permit}{any-source-mac| {host-source-mac
<host_smac> }|{ <smac> <smac-mask> }} {any-destination-mac|{host-destination-mac
<host_dmac> }|{ <dmac> <dmac-mask> }} {eigrp|gre|igrp|ip|ipinip|ospf|{ <protocol-num> }}
{{ <source> <source-wildcard> }|any-source|{host-source <source-host-ip> }}
{{ <destination> <destination-wildcard> }|any-destination| {host-destination
<destination-host-ip> }} [precedence <precedence> ] [tos <tos> ][time-range
<time-range-name> ]
Functions:
Define a extended numeric MAC-IP ACL rule, ‘No’ command deletes a extended numeric MAC-IP
ACL access-list rule.