Cisco Cisco ASR 5000
ACL Configuration Mode Commands
▀ redirect nexthop (by TCP/UDP packets)
▄ Command Line Interface Reference, StarOS Release 18
380
One-bits in this parameter mean that the corresponding bits configured for the
dest_address
parameter must be ignored.
Important:
The mask must contain a contiguous set of one-bits from the least significant bit (LSB). Therefore,
allowed masks are 0, 1, 3, 7, 15, 31, 63, 127, and 255. For example, acceptable wildcards are 0.0.0.3, 0.0.0.255, and
0.0.15.255. A wildcard of 0.0.7.15 is not acceptable since the one-bits are not contiguous.
0.0.15.255. A wildcard of 0.0.7.15 is not acceptable since the one-bits are not contiguous.
eq dest_port
Specifies a single, specific destination TCP port number to be filtered.
dest_port
must be an integer from 0 through 65535.
gt dest_port
Specifies that all destination TCP port numbers greater than the one specified are to be filtered.
dest_port
must be an integer from 0 through 65535.
lt dest_port
Specifies that all destination TCP port numbers less than the one specified are to be filtered.
dest_port
must be an integer from 0 through 65535.
neq dest_port
Specifies that all destination TCP port numbers not equal to the one specified are to be filtered.
dest_port
must be an integer from 0 through 65535.
Usage
Block IP packets when the source and destination are of interest but for only a limited set of ports.
Important:
The maximum number of rules that can be configured per ACL varies depending on how the ACL is
to be used. For more information, refer to the Engineering Rules appendix in the System Administration Guide.
Important:
Also note that “redirect” rules are ignored for ACLs applied to specific subscribers or all subscribers
facilitated by a specific context.
Example
The following command defines a rule that redirects packets to the next hop host at 192.168.10.4, the context
with the context ID of 23, and UDP packets coming from any host are matched:
with the context ID of 23, and UDP packets coming from any host are matched:
redirect nexthop 192.168.10.4 context 23 udp any
The following sets the insertion point before the rule defined above:
before redirect nexthop 192.168.10.4 context 23 udp any
The following command sets the insertion point after the first rule defined above:
after redirect nexthop 192.168.10.4 context 23 udp any
The following deletes the first rule defined above: