HP 6125G HP 6125G & 6125G/XG Blade Switches ACL and QoS Command Refere - Page 25

Table 7, TCP/UDP-specific parameters for IPv4 advanced ACL rules, Parameters, Function, Description

Page 25 highlights

Parameters: time-range time-range-name
Function: Specifies a time range for the rule
Description: The time-range-name argument takes a case-insensitive string of 1 to 32 characters. It must start with an English letter. If the time range is not configured, the system creates the rule; however, the rule using the time range can take effect only after you configure the time range.

NOTE: If you provide the precedence or tos keyword in addition to the dscp keyword, only the dscp keyword takes effect.

If the protocol argument takes tcp (6) or udp (7), you can set the parameters shown in Table 7.

Table 7 TCP/UDP-specific parameters for IPv4 advanced ACL rules

Parameters: source-port operator port1 [ port2 ]
Function: Specifies one or more UDP or TCP source ports

Parameters: destination-port operator port1 [ port2 ]
Function: Specifies one or more UDP or TCP destination ports

Description (applies to both source-port and destination-port):
The operator argument can be lt (lower than), gt (greater than), eq (equal to), neq (not equal to), or range (inclusive range).
The port1 and port2 arguments are TCP or UDP port numbers in the range of 0 to 65535. port2 is needed only when the operator argument is range.
TCP port numbers can be represented in these words: chargen (19), bgp (179), cmd (514), daytime (13), discard (9), domain (53), echo (7), exec (512), finger (79), ftp (21), ftp-data (20), gopher (70), hostname (101), irc (194), klogin (543), kshell (544), login (513), lpd (515), nntp (119), pop2 (109), pop3 (110), smtp (25), sunrpc (111), tacacs (49), talk (517), telnet (23), time (37), uucp (540), whois (43), and www (80).
UDP port numbers can be represented in these words: biff (512), bootpc (68), bootps (67), discard (9), dns (53), dnsix (90), echo (7), mobilip-ag (434), mobilip-mn (435), nameserver (42), netbios-dgm (138), netbios-ns (137), netbios-ssn (139), ntp (123), rip (520), snmp (161), snmptrap (162), sunrpc (111), syslog (514), tacacs-ds (65), talk (517), tftp (69), time (37), who (513), and xdmcp (177).

Parameters: { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } *
Function: Specifies one or more TCP flags including ACK, FIN, PSH, RST, SYN, and URG
Description: Parameters specific to TCP. The value for each argument can be 0 (flag bit not set) or 1 (flag bit set). The TCP flags in one rule are ANDed.
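The match semantics in Table 7, as an added example that is not taken from the HP manual or the switch firmware: it parses the TCP-specific parameters of a rule and evaluates them against a segment, showing that `syn 1 ack 0` matches only a connection-opening SYN. The function names are hypothetical, the keyword table is a subset of the list above, and it assumes that flags not named in a rule are not compared.

```python
TCP_NAMES = {"ftp": 21, "telnet": 23, "smtp": 25, "domain": 53, "www": 80}  # subset
FLAGS = ("ack", "fin", "psh", "rst", "syn", "urg")
OPS = ("lt", "gt", "eq", "neq", "range")

def to_port(tok):
    """Resolve a port keyword or number and enforce the 0 to 65535 range."""
    port = TCP_NAMES.get(tok.lower())
    if port is None:
        port = int(tok)                      # ValueError on an unknown keyword
    if not 0 <= port <= 65535:
        raise ValueError(f"port out of range: {tok}")
    return port

def parse_params(text):
    """Parse e.g. 'destination-port eq www syn 1 ack 0' into a rule dict."""
    toks, rule, i = text.split(), {"flags": {}}, 0
    while i < len(toks):
        key = toks[i]
        arg = toks[i + 1] if i + 1 < len(toks) else ""
        if key in ("source-port", "destination-port"):
            if arg not in OPS:
                raise ValueError(f"bad operator after {key}: {arg!r}")
            n = 2 if arg == "range" else 1   # port2 is needed only for range
            ports = [to_port(t) for t in toks[i + 2:i + 2 + n]]
            if len(ports) != n:
                raise ValueError(f"{key} {arg} needs {n} port(s)")
            rule[key] = (arg, ports)
            i += 2 + n
        elif key in FLAGS:
            if arg not in ("0", "1"):
                raise ValueError(f"{key} value must be 0 or 1")
            rule["flags"][key] = int(arg)
            i += 2
        else:
            raise ValueError(f"unknown parameter: {key}")
    return rule

def port_ok(cond, port):
    if cond is None:                         # parameter absent: no restriction
        return True
    op, p = cond
    return {"lt": port < p[0], "gt": port > p[0], "eq": port == p[0],
            "neq": port != p[0], "range": p[0] <= port <= p[-1]}[op]

def matches(rule, sport, dport, set_flags):
    """set_flags: names of the flag bits that are 1 in the TCP header."""
    return (port_ok(rule.get("source-port"), sport)
            and port_ok(rule.get("destination-port"), dport)
            # ANDed: every flag named in the rule must have the stated value
            and all((f in set_flags) == bool(v) for f, v in rule["flags"].items()))
```

A rule that names only `syn 1` also matches SYN+ACK replies under this model, which is why the `ack 0` term matters when the intent is to filter connection attempts in one direction.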

