Chapter4ServiceConguration
Syntax
rule<1-500>{permit|deny}<ip-protocol>{<source-ipaddr><sip-mask>|any}{<destination-ipa
ddr><dip-mask>|any}[dscp<0-63>][fragment][cos<0-7>][<vlan-id>[<vlan-mask>]][<source-
mac><smac-mask>|any][<dest-mac><dmac-mask>|any]
ParameterDescription
ParameterDescription
<1-500>Rulenumber.
permitIftheconditionmatches,accessispermitted.
denyIftheconditionmatches,accessisdenied.
<ip-protocol>
ThisruleisonlyvalidformessageswiththespeciedIPprotocol
eld.Ignorethisruleforothermessages.TherangeoftheIP
protocoleldvalueis0to255.
<source-ipaddr>
IPaddressofthesourcenetworkorhosttransmittingpackets.Itis
a32-bitIPaddressexpressedindotteddecimalnotation.
<sip-mask>
Sourcemaskusedforsources.Itisa32-bitIPaddressexpressed
indotteddecimalnotation.
any(rst)
Theanykeywordisusedastheabbreviationofthesource0.0.0.0
andthesourcemask0.0.0.0.
<destination-ipaddr>
Destinationnetworkorhostofthetransmittedpacket.Itisa32-bit
IPaddressexpressedindotteddecimalnotation.
<dip-mask>
Destinationmaskusedfordestination.Itisa32-bitIPaddress
expressedindotteddecimalnotation.
any(second)
Theanykeywordisusedastheabbreviationofthedestination
0.0.0.0andthedestinationmask0.0.0.0.
dscp<0-63>
ThisruleisonlyvalidformessageswiththespeciedDSCP
value.Ignorethisruleforothermessages.TherangeofDSCP
valueis0to63.
fragment
Thisruleisonlyvalidforfragmentmessages.Fornon-fragment
messages,thisruleisignored.
cos<0-7>
Thisruleisonlyvalidforthecos-speciedmessage.Ignorethis
ruleforothermessages.Therangeofcosis0to7.
<vlan-id>
ThisruleisonlyvalidformessageswiththespeciedVLANID.
Ignorethisruleforothermessages.TheruleofVLANIDis1
to4094.
<vlan-mask>OptionalVLANmask.Thedefaultvalueis0xfff.
<source-mac>SourceMACaddressofthetransmittedpacket.
<smac-mask>SourceMACmask.
4-233
SJ-20130731155059-003|2013-11-27(R1.0)ZTEProprietaryandCondential
To Next Page
Loading...
Need help?
General
