PLANET WGSW-50040 User Manual

Page 319

Advertising

Commands for Security Function Chapter 6 Commands for TACACS+

{host-source-mac<host_smac>}|{<smac><smac-mask>}}

{any-destination-mac|{host-destination-mac <host_dmac>}|{<dmac><dmac-mask>}}icmp

{{<source><source-wildcard>}|any-source|{host-source<source-host-ip>}}

{{<destination><destination-wildcard>}|any-destination|

{host-destination<destination-host-ip>}}[<icmp-type> [<icmp-code>]] [precedence

<precedence>] [tos <tos>][time-range<time-range-name>]

access-list<num>{deny|permit}{any-source-mac|

{host-source-mac<host_smac>}|{<smac><smac-mask>}}

{any-destination-mac|{host-destination-mac <host_dmac>}|{<dmac><dmac-mask>}}igmp

{{<source><source-wildcard>}|any-source|{host-source<source-host-ip>}}

{{<destination><destination-wildcard>}|any-destination|

{host-destination<destination-host-ip>}} [<igmp-type>] [precedence <precedence>] [tos

<tos>][time-range<time-range-name>]

access-list <num> {deny|permit}{any-source-mac| {host-source-mac

<host_smac> }|{ <smac> <smac-mask> }}{any-destination-mac| {host-destination-mac

<host_dmac> }|{ <dmac> <dmac-mask> }}tcp {{ <source> <source-wildcard> }|any-source|

{host-source <source-host-ip> }}[s-port{ <port1> | range <sPortMin> <sPortMax> }]

{{ <destination> <destination-wildcard> } | any-destination | {host-destination

<destination-host-ip> }} [d-port { <port3> | range <dPortMin> <dPortMax> }]

[ack+fin+psh+rst+urg+syn] [precedence <precedence> ] [tos <tos> ] [time-range

<time-range-name> ]

access-list <num> {deny|permit}{any-source-mac| {host-source-mac

<host_smac> }|{ <smac> <smac-mask> }}{any-destination-mac| {host-destination-mac

<host_dmac> }|{ <dmac> <dmac-mask> }}udp {{ <source> <source-wildcard> }|any-source|

{host-source <source-host-ip> }}[s-port{ <port1> | range <sPortMin> <sPortMax> }]

{{ <destination> <destination-wildcard> }|any-destination| {host-destination

<destination-host-ip> }}[d-port{ <port3> | range <dPortMin> <dPortMax> }]

[precedence <precedence> ] [tos <tos> ][time-range <time-range-name> ]

access-list <num> {deny|permit}{any-source-mac| {host-source-mac

<host_smac> }|{ <smac> <smac-mask> }} {any-destination-mac|{host-destination-mac

<host_dmac> }|{ <dmac> <dmac-mask> }} {eigrp|gre|igrp|ip|ipinip|ospf|{ <protocol-num> }}

{{ <source> <source-wildcard> }|any-source|{host-source <source-host-ip> }}

{{ <destination> <destination-wildcard> }|any-destination| {host-destination

<destination-host-ip> }} [precedence <precedence> ] [tos <tos> ][time-range

<time-range-name> ]

Functions:

Define a extended numeric MAC-IP ACL rule, ‘No’ command deletes a extended numeric MAC-IP

ACL access-list rule.

Advertising