HP 6125XLG R2306-HP 6125XLG Blade Switch ACL and QoS Command Reference - Page 24

undo rule rule-id [ { { ack | fin | psh | rst | syn | urg } * | established } | counting | destination | destination-port | { dscp | { precedence | tos } * } | fragment | icmp-type | logging | source | source-port | time-range | vpn-instance ] *

Default

An IPv4 advanced ACL does not contain any rule.

Views

IPv4 advanced ACL view

Predefined user roles

network-admin

Parameters

rule-id: Specifies a rule ID in the range of 0 to 65534. If no rule ID is provided when you create an ACL rule, the system automatically assigns it a rule ID. This rule ID is the nearest higher multiple of the numbering step to the current highest rule ID, starting from 0. For example, if the rule numbering step is 5 and the current highest rule ID is 28, the rule is numbered 30.

deny: Denies matching packets.

permit: Allows matching packets to pass.

protocol: Specifies one of the following values:

  • A protocol number in the range of 0 to 255.
  • A protocol by its name: gre (47), icmp (1), igmp (2), ip, ipinip (4), ospf (89), tcp (6), or udp (17). The ip keyword specifies all protocols.

Table 7 describes the parameters that you can specify regardless of the value for the protocol argument.

Table 7 Match criteria and other rule information for IPv4 advanced ACL rules

Parameters: source { source-address source-wildcard | any }
Function: Specifies a source address.
Description: The source-address source-wildcard arguments represent a source IP address and wildcard mask in dotted decimal notation. An all-zero wildcard specifies a host address. The any keyword specifies any source IP address.

Parameters: destination { dest-address dest-wildcard | any }
Function: Specifies a destination address.
Description: The dest-address dest-wildcard arguments represent a destination IP address and wildcard mask in dotted decimal notation. An all-zero wildcard specifies a host address. The any keyword represents any destination IP address.

Parameters: counting
Function: Counts the number of times the IPv4 advanced ACL rule has been matched.
Description: The counting keyword enables match counting specific to rules, and the hardware-count keyword in the packet-filter command enables match counting for all rules in an ACL. If the counting keyword is not specified, matches for the rule are not counted.

Parameters: precedence precedence
Function: Specifies an IP precedence value.
Description: The precedence argument can be a number in the range of 0 to 7, or in words: routine (0), priority (1), immediate (2), flash (3), flash-override (4), critical (5), internet (6), or network (7).
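
The automatic rule numbering and the wildcard matching described above, as an added Python example that is not part of the HP reference. The function names and the sample addresses (documentation ranges) are assumptions made for illustration, and the wildcard is read in the usual way, with 1 bits marking address bits that are ignored.

```python
import ipaddress

MAX_RULE_ID = 65534  # upper bound of the rule-id range stated on this page


def next_rule_id(existing_ids, step):
    """Rule ID assigned when none is given: the nearest higher multiple of
    the numbering step above the current highest ID, starting from 0."""
    if step < 1:
        raise ValueError("numbering step must be a positive integer")
    if not existing_ids:
        return 0  # an empty ACL starts numbering from 0
    candidate = (max(existing_ids) // step + 1) * step
    if candidate > MAX_RULE_ID:
        raise ValueError("no automatic rule ID left in the range 0 to 65534")
    return candidate


def parse_criterion(spec):
    """Turn 'any' or '<address> <wildcard>' into (base, wildcard) integers."""
    if spec.strip() == "any":
        return 0, 0xFFFFFFFF  # every address bit is ignored
    addr, wild = spec.split()
    return int(ipaddress.IPv4Address(addr)), int(ipaddress.IPv4Address(wild))


def matches(spec, ip):
    """True if ip satisfies a source/destination criterion."""
    base, wild = parse_criterion(spec)
    care = ~wild & 0xFFFFFFFF  # bits that must be equal
    return (int(ipaddress.IPv4Address(ip)) & care) == (base & care)


def address_count(spec):
    """How many IPv4 addresses the criterion covers: 2 ** (wildcard 1 bits).
    Useful when reviewing an ACL for rules that are broader than intended."""
    _, wild = parse_criterion(spec)
    return 2 ** bin(wild).count("1")


if __name__ == "__main__":
    # Constructed sample values, not taken from a real configuration.
    print(next_rule_id([0, 5, 28], step=5))
    for spec in ("192.0.2.10 0.0.0.0", "192.0.2.0 0.0.0.255", "any"):
        print(spec, matches(spec, "192.0.2.77"), address_count(spec))
```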
