Dell Force10 MXL Blade MXL 10/40GbE Switch IO Module FTOS Command Line Referen - Page 112
permit tcp
View all Dell Force10 MXL Blade manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
www.dell.com | support.dell.com permit tcp Configure a filter to pass TCP packets meeting the filter criteria. Syntax permit tcp {source mask | any | host ip-address} [bit] [operator port [port]] {destination mask | any | host ip-address} [bit] [dscp] [operator port [port]] [count [byte]] [order] [fragments] To remove this filter, you have two choices: • Use the no seq sequence-number command if you know the filter's sequence number. • Use the no permit tcp {source mask | any | host ip-address} {destination mask | any | host ip-address} command. Parameters source mask any host ip-address bit dscp operator port port destination mask count byte Enter the IP address of the network or host from which the packets were sent. Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.D format, may be either contiguous or non-contiguous. Enter the keyword any to specify that all routes are subject to the filter. Enter the keyword host followed by the IP address to specify a host IP address. Enter a flag or combination of bits: • ack: acknowledgement field • fin: finish (no more data from the user) • psh: push function • rst: reset the connection • syn: synchronize sequence numbers • urg: urgent field Enter this keyword to deny a packet based on DSCP value. Range: 0-63 (OPTIONAL) Enter one of the following logical operand: • eq = equal to • neq = not equal to • gt = greater than • lt = less than • range = inclusive range of ports (you must specify two port for the port parameter.) Enter the application layer port number. Enter two port numbers if using the range logical operand. Range: 0 to 65535. The following list includes some common TCP port numbers: • 23 = Telnet • 20 and 21 = FTP • 25 = SMTP • 169 = SNMP Enter the IP address of the network or host to which the packets are sent. Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.D format, may be either contiguous or non-contiguous. (OPTIONAL) Enter the keyword count to count packets processed by the filter. (OPTIONAL) Enter the keyword byte to count bytes processed by the filter. 112 | Access Control Lists (ACL)