Paradyne CSU User Manual
C. Router CLI Commands, Codes, and Designations
C-20
September
2002
9128-A2-GB20-80
(Continued from previous page)
For Extended IP Access Lists:
Example:
access-list 100 permit tcp 10.1.1.1 0.0.0.255 20.1.1.1
0.0.0.255
protocol – The IP protocol to which the filter will be applied. The following protocols are
supported:
supported:
ip – Filter applies to all IP packets (including but not limited to ICMP, TCP, and UDP).
icmp – Internet Control Message Protocol.
tcp – Transmission Control Protocol.
udp – User Datagram Protocol.
source-ip – The source IP Address to match.
source-wildcard – Specifies a 32-bit wildcard mask indicating the bit positions in the
source IP Address to ignore during matches. This argument must be supplied when a
source-ip address is specified.
source IP Address to ignore during matches. This argument must be supplied when a
source-ip address is specified.
any – Match any source host. A source-ip of 0.0.0.0 and a source-wildcard of
255.255.255.255 are specified.
255.255.255.255 are specified.
host – Specify a single host source address to match.
source-host-ip – The source host IP address to match.
dest-ip – The destination IP Address to match.
dest-wildcard – Specifies a 32-bit wildcard mask indicating the bit positions in the
destination IP Address to ignore during matches. This argument must be supplied
when a dest-ip address is specified.
destination IP Address to ignore during matches. This argument must be supplied
when a dest-ip address is specified.
any – Specifies to match any destination host. A dest-ip of 0.0.0.0 and a dest-wildcard of
255.255.255.255 are specified.
255.255.255.255 are specified.
host – Specify a single host address to match.
dest-host-ip – The destination host IP address to match.
icmp-msg-type – Specify a specific ICMP message type to be filtered. Valid if the
protocol
protocol
. Valid ICMP message type range is 0–255.
icmp-msg-code – Specify a specific ICMP message code to be filtered. Valid if an
icmp-msg-type
icmp-msg-type
has been specified and the protocol specified is icmp. For valid ICMP
message codes, refer to
. Valid ICMP message type range
is 0 – 255.
src-operator – Specifies how the source port is evaluated. This argument may only be
specified if the protocol specified is tcp or udp. Valid values are:
specified if the protocol specified is tcp or udp. Valid values are:
eq – Match only packets with a port number equal to the source port number input.
gt – Match only packets with a port number greater than the source port number.
lt – Match only packets with a port number less than the source port number input.
neq – Match only packets with a port number not equal to the source port number.
range – Match only packets in the range of port numbers specified by src-port
and
src-end-port. If range is specified, enter both a src-port and a src-end-port.
(Continued on next page)
Table C-11. Filter Commands (2 of 4)