Dell Force10 S25-01-GE-24V FTOS 8.4.2.6 Command Line Reference Guide for the E - Page 230
permit icmp
View all Dell Force10 S25-01-GE-24V manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 230 highlights
www.dell.com | support.dell.com order monitor (OPTIONAL) Enter the keyword order to specify the QoS priority for the ACL entry. Range: 0-254 (where 0 is the highest priority and 254 is the lowest; lower order numbers have a higher priority) Default: If the order keyword is not used, the ACLs have the lowest order by default (255). (OPTIONAL) Enter the keyword monitor when the rule is describing the traffic that you want to monitor and the ACL in which you are creating the rule will be applied to the monitored interface. For details, see the section "Flow-based Monitoring" in the Port Monitoring chapter of the FTOS Configuration Guide. Defaults Not configured. Command Modes CONFIGURATION-EXTENDED-ACCESS-LIST Command History Version 8.2.1.0 Version 8.1.1.0 Version 7.4.1.0 Version 6.5.10 Allows ACL control of fragmented packets for IP (Layer 3) ACLs. Introduced on E-Series ExaScale Added monitor option Expanded to include the optional QoS order priority for the ACL entry. Usage The order option is relevant in the context of the Policy QoS feature only. See the "Quality of Information Service" chapter of the FTOS Configuration Guide for more information. When you use the log option, CP processor logs details about the packets that match. Depending on how many packets match the log entry and at what rate, the CP may become busy as it has to log these packets' details. The monitor option is relevant in the context of the flow-based monitoring feature only. See Chapter 45, Port Monitoring. You cannot include IP, TCP or UDP filters in an ACL configured with ARP filters. Note: When ACL logging and byte counters are configured simultaneously, byte counters may display an incorrect value. Configure packet counters with logging instead. permit icmp e Configure a filter to allow all or specific ICMP messages. Syntax permit icmp {source mask | any | host ip-address} {destination mask | any | host ip-address} [dscp] [message-type] [count [byte] | log] [order] [monitor] [fragments] To remove this filter, you have two choices: • Use the no seq sequence-number command syntax if you know the filter's sequence number or • Use the no permit icmp {source mask | any | host ip-address} {destination mask | any | host ip-address} command. 230 | Access Control Lists (ACL)