Cisco Cisco ASR 5700
ACL Configuration Mode Commands
▀ readdress server
▄ Command Line Interface Reference, StarOS Release 17
276
Important:
The mask must contain a contiguous set of one-bits from the least significant bit (LSB). Therefore,
allowed masks are 0, 1, 3, 7, 15, 31, 63, 127, and 255. For example, acceptable wildcards are 0.0.0.3, 0.0.0.255, and
0.0.15.255. A wildcard of 0.0.7.15 is not acceptable since the one-bits are not contiguous.
0.0.15.255. A wildcard of 0.0.7.15 is not acceptable since the one-bits are not contiguous.
eq dest_port
Specifies a single, specific destination TCP port number to be filtered.
dest_port
must be an integer from 0 through 65535.
gt dest_port
Specifies that all destination TCP port numbers greater than the one specified are to be filtered.
dest_port
must be an integer from 0 through 65535.
lt dest_port
Specifies that all destination TCP port numbers less than the one specified are to be filtered.
dest_port
must be an integer 0 through 65535.
neq dest_port
Specifies that all destination TCP port numbers not equal to the one specified are to be filtered.
dest_port
must be an integer 0 through 65535.
Usage
Use this command to define a rule that redirects packets to a different destination address. The TCP and UDP
packet headers are modified with the new destination address and destination port.
packet headers are modified with the new destination address and destination port.
Important:
The maximum number of rules that can be configured per ACL varies depending on how the ACL is
to be used. For more information, refer to the Engineering Rules appendix in the System Administration Guide.
Important:
Prior to Release 8.3, for packets received from the packet data network destined for a subscriber's
UE, the system applied logic to reset the source address of a packet to the original destination address of the input
packet before applying the outbound access control list (ACL). In Release 8.3 and higher, the system reverses the order
and applies the outbound ACL before resetting the source address. This change impacts all current readdress server
rules in inbound IPv4 ACLs.
packet before applying the outbound access control list (ACL). In Release 8.3 and higher, the system reverses the order
and applies the outbound ACL before resetting the source address. This change impacts all current readdress server
rules in inbound IPv4 ACLs.
Important:
After Release 8.3, for every readdress server rule in an inbound IPv4 ACL, you must add a permit
rule to an outbound ACL that explicitly permits packets from the readdress rule's redirect address and port number. If
the permit rule is omitted, the system will reject all packets destined for the subscriber's UE from the readdress rule's
redirect address and port number.
the permit rule is omitted, the system will reject all packets destined for the subscriber's UE from the readdress rule's
redirect address and port number.
Example
The following command defines a rule that redirects packets to the server at 192.168.10.4, UDP packets
coming from any host with a destination of any host are matched:
coming from any host with a destination of any host are matched:
readdress server 192.168.10.4 udp any any
The following sets the insertion point before the rule defined above: