Alcatel-Lucent 6850-48 Network Guide

ACL Application Example
Configuring ACLs
OmniSwitch AOS Release 6 Network Configuration Guide
September 2009
In this application for IP filtering, a policy is created to deny Telnet traffic from the outside world to an engineering group in a private network.
Set up a policy rule called outside to deny Telnet traffic to the private network.
Create a policy service (traffic_in) for traffic destined for the well-known Telnet port number 23.
-> policy service traffic_in destination ip port 23 protocol 6
Create a policy condition (outside_cond) that references the service. 
-> policy condition outside_cond service traffic_in
Create a policy action (outside_action) to deny the traffic. 
-> policy action outside_action disposition drop
Then combine the condition and the action in a policy rule (outside). 
-> policy rule outside condition outside_cond action outside_action
An example of what these commands look like together on consecutive command lines:
-> policy service traffic_in destination ip port 23 protocol 6
-> policy condition outside_cond service traffic_in
-> policy action outside_action disposition drop
-> policy rule outside condition outside_cond action outside_action
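
The following added example (not from the Alcatel-Lucent guide, and not AOS code) is a simplified Python model of how the four policy objects reference each other. It parses only the keywords used above, assumes unmatched traffic is accepted, and checks constructed sample packets against the rule and against a hypothetical variant whose service matches source port 23 instead.

```python
# Added example: simplified model of the service -> condition -> rule chain.
# Not AOS code; it understands only the keywords used on this page.

def parse_policy(config):
    """Parse '-> policy <kind> <name> ...' lines into {kind: {name: attrs}}."""
    objs = {"service": {}, "condition": {}, "action": {}, "rule": {}}
    for line in config.strip().splitlines():
        tok = line.replace("->", "", 1).split()
        kind, name, rest = tok[1], tok[2], tok[3:]
        attrs, i = {}, 0
        while i < len(rest):
            if rest[i] in ("source", "destination"):  # "<dir> ip port <n>"
                attrs[rest[i] + "_port"] = int(rest[i + 3])
                i += 4
            else:                                     # "<keyword> <value>"
                attrs[rest[i]] = rest[i + 1]
                i += 2
        objs[kind][name] = attrs
    return objs

def disposition(objs, rule_name, packet):
    """Follow rule -> condition -> service and rule -> action for one packet.
    Assumption of this model: traffic matching no rule is accepted."""
    rule = objs["rule"][rule_name]
    svc = objs["service"][objs["condition"][rule["condition"]]["service"]]
    action = objs["action"][rule["action"]]
    match = packet["protocol"] == int(svc["protocol"]) and all(
        packet[k] == svc[k] for k in ("source_port", "destination_port") if k in svc)
    return action["disposition"] if match else "accept"

PAGE_CONFIG = """
-> policy service traffic_in destination ip port 23 protocol 6
-> policy condition outside_cond service traffic_in
-> policy action outside_action disposition drop
-> policy rule outside condition outside_cond action outside_action
"""
# Hypothetical variant: the service matches the source port instead.
SOURCE_VARIANT = PAGE_CONFIG.replace("destination ip port", "source ip port")

# Constructed sample packets (TCP is IP protocol 6).
TELNET_SYN = {"protocol": 6, "source_port": 49152, "destination_port": 23}
TELNET_REPLY = {"protocol": 6, "source_port": 23, "destination_port": 49152}
HTTPS_SYN = {"protocol": 6, "source_port": 49153, "destination_port": 443}

if __name__ == "__main__":
    for label, cfg in (("destination port 23", PAGE_CONFIG), ("source port 23", SOURCE_VARIANT)):
        objs = parse_policy(cfg)
        for name, pkt in (("telnet SYN", TELNET_SYN), ("telnet reply", TELNET_REPLY), ("https SYN", HTTPS_SYN)):
            print(f"{label:20} {name:13} -> {disposition(objs, 'outside', pkt)}")
```

In this model the destination-port service drops the connection attempt itself, while the source-port variant only matches packets sent back from a Telnet server.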
[Figure: Public Network (The Internet), OmniSwitch, Private Network (Engineering). Caption: traffic originating from the public network destined for the private network.]