TP-Link TL-SG3210 TL-SG3210 V1 CLI Reference Guide - Page 147

acl policy policy-add

Page 147 highlights

op -- The operation for the switch to process packets which match the rules. There are two options, discard and permit. Discard means discarding packets, and permit means forwarding packets. By default, the option is permit. source-ip -- The source IP address contained in the rule. source-ip-mask -- The source IP address mask. It is required if you typed the source IP address. destination-ip -- The destination IP address contained in the rule. destination-ip-mask -- The destination IP address mask. It is required if you typed the destination IP address. time-segment -- The time-range for the rule to take effect. By default, it is not limited. index -- Change the index number of the entry. Command Mode Global Configuration Mode Example Edit Rule 10 for the Standard-IP ACL whose ID is 120. In the rule, the source IP address is 192.168.0.100, the source IP address mask is 255.255.255.0, the time-range for the rule to take effect is tSeg1, and the packets match this rule will be forwarded by the switch: TP-LINK(config)# acl edit rule std-acl 120 10 op permit dip 192.168.0.100 dmask 255.255.255.0 tseg tSeg1 acl policy policy-add Description The acl policy policy-add command is used to add Policy. To delete the corresponding Policy, please use no acl policy policy-add command. A Policy is used to control the data packets those match the corresponding ACL rules by configuring ACLs and actions together for effect. The operations here include stream mirror, stream condition, QoS Remarking and redirect. Syntax acl policy policy-add name no acl policy policy-add name Parameter name -- The Policy Name, ranging from 1 to 16 characters. 135

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199

135
op
——
The operation for the switch to process packets which match the rules.
There are two options, discard and permit. Discard means discarding packets,
and permit means forwarding packets. By default, the option is permit.
source-ip
——
The source IP address contained in the rule.
source-ip-mask
——
The source IP address mask. It is required if you typed
the source IP address.
destination-ip
——
The destination IP address contained in the rule.
destination-ip-mask
——
The destination IP address mask. It is required if you
typed the destination IP address.
time-segment
——
The time-range for the rule to take effect. By default, it is
not limited.
index
——
Change the index number of the entry.
Command Mode
Global Configuration Mode
Example
Edit Rule 10 for the Standard-IP ACL whose ID is 120. In the rule, the source IP
address is 192.168.0.100, the source IP address mask is 255.255.255.0, the
time-range for the rule to take effect is tSeg1, and the packets match this rule
will be forwarded by the switch:
TP-LINK(config)# acl edit rule std-acl
120 10
op
permit
dip
192.168.0.100
dmask
255.255.255.0
tseg
tSeg1
acl policy policy-add
Description
The
acl policy policy-add
command is used to add Policy. To delete the
corresponding Policy, please use
no acl policy policy-add
command. A Policy
is used to control the data packets those match the corresponding ACL rules by
configuring ACLs and actions together for effect. The operations here include
stream mirror, stream condition, QoS Remarking and redirect.
Syntax
acl policy policy-add
name
no acl policy policy-add
name
Parameter
name
——
The Policy Name, ranging from 1 to 16 characters.