Dell S6000 FTOS 9.0(2.0) Command Line Reference Guide for the System - Page 132
permit tcp
View all Dell S6000 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 132 highlights
www.dell.com | support.dell.com The S-Series cannot count both packets and bytes, so when you enter the count byte options, only bytes are incremented. Note: When ACL logging and byte counters are configured simultaneously, byte counters may display an incorrect value. Configure packet counters with logging instead. Related Commands ip access-list extended permit tcp permit udp Create an extended ACL. Assign a permit filter for TCP packets. Assign a permit filter for UDP packets. permit tcp s z S6000 Configure a filter to pass TCP packets meeting the filter criteria. Syntax permit tcp {source mask | any | host ip-address} [bit] [operator port [port]] {destination mask | any | host ip-address} [bit] [dscp] [operator port [port]] [count [byte]] [order] [fragments] To remove this filter, you have two choices: • Use the no seq sequence-number command syntax if you know the filter's sequence number or • Use the no permit tcp {source mask | any | host ip-address} {destination mask | any | host ip-address} command. Parameters source mask any host ip-address bit dscp operator Enter the IP address of the network or host from which the packets were sent. Enter a network mask in /prefix format (/x) or A.B.C.D. The mask, when specified in A.B.C.D format, may be either contiguous or non-contiguous. Enter the keyword any to specify that all routes are subject to the filter. Enter the keyword host followed by the IP address to specify a host IP address. Enter a flag or combination of bits: ack: acknowledgement field fin: finish (no more data from the user) psh: push function rst: reset the connection syn: synchronize sequence numbers urg: urgent field Enter this keyword to deny a packet based on DSCP value. Range: 0-63 (OPTIONAL) Enter one of the following logical operand: • eq = equal to • neq = not equal to • gt = greater than • lt = less than • range = inclusive range of ports (you must specify two port for the port parameter.) 132 | Access Control Lists (ACL)