Fujitsu P3NK-4452-01ENZD Manual De Usuario
XG Series User's Guide
Chapter 5 Command Reference
LAN Information Settings
186
5.5.1.4
lan ip filter
Function
Set the IP filter.
Available Model
XG0224 / XG0448 / XG2600
Syntax
lan [<number>] ip filter <count> <action> acl <acl_count>
Options
<number>
•
•
lan definition number
Specify a lan definition serial number with a decimal value.
The default is 0.
Specify a lan definition serial number with a decimal value.
The default is 0.
<count>
•
•
Filtering definition number
Specify a definition number, which indicates a filtering priority, with a decimal value.
The specified value is sorted and renumbered in sequence. If a filtering definition with
the same value already exists, the existing one will be changed.
Specify a definition number, which indicates a filtering priority, with a decimal value.
The specified value is sorted and renumbered in sequence. If a filtering definition with
the same value already exists, the existing one will be changed.
<action>
Set whether or not to transmit the packet to be filtered.
•
pass
Transmit the relevant packet.
Transmit the relevant packet.
•
reject
Block the relevant packet.
Block the relevant packet.
<acl_count>
•
•
ACL definition number
Specify the required ACL definition number with a decimal value.
If the ACL specified in <acl_count> is not defined, the filtering definition will be disabled
and ignored.
Use the following ACL definition for IP filter.
- ip
Specify the required ACL definition number with a decimal value.
If the ACL specified in <acl_count> is not defined, the filtering definition will be disabled
and ignored.
Use the following ACL definition for IP filter.
- ip
If the ip value is not set, the filtering definition will be disabled and ignored.
- tcp
Available only when "6" is set in <protocol> of ip.
Otherwise, the set value is ignored.
If the tcp value is not set while "6" is set in <protocol> of ip, each value of tcp will be
assumed to be "any".
Otherwise, the set value is ignored.
If the tcp value is not set while "6" is set in <protocol> of ip, each value of tcp will be
assumed to be "any".
- udp
Available only when "17" is set in <protocol> of ip.
Otherwise, the set value is ignored.
If the udp value is not set while "17" is set in <protocol> of ip, each value of udp is
assumed to be "any".
Otherwise, the set value is ignored.
If the udp value is not set while "17" is set in <protocol> of ip, each value of udp is
assumed to be "any".
- icmp
Available only when "1" is set in <protocol> of ip.
Otherwise, the set value is ignored.
If the icmp value is not set while "1" is set in <protocol> of ip, each value of icmp will
be assumed to be "any".
Otherwise, the set value is ignored.
If the icmp value is not set while "1" is set in <protocol> of ip, each value of icmp will
be assumed to be "any".
Use Mode
Configuration mode (admin class)
Range
Model
0 to 511
XG0224 / XG0448
0 to 63
XG2600