Home
Главная
Qtech
Коммутаторы
QSW-8200-52T-AC
Команды для функции безопасности Страница: 14

Qtech QSW-8200-52T-AC Команды для функции безопасности онлайн [14/114] 481623

User Manual

Chapter 1. Commands for ACL 14

www.qtech.ru

mac <host_dmac>}|{<dmac><dmac-mask>}}igmp {{<source><source-wildcard>}|any-

source|{host-source<source-host-ip>}} {{<destination><destination-wildcard>}|any-

destination| {host-destination<destination-host-ip>}} [<igmp-type>] [precedence

<precedence>] [tos <tos>][time-range<time-range-name>]

 access-list <num> {deny|permit}{any-source-mac| {host-source-mac <host_smac> }|{

<smac> <smac-mask> }}{any-destination-mac| {host-destination-mac <host_dmac>

}|{ <dmac> <dmac-mask> }}tcp {{ <source> <source-wildcard> }|any-source| {host-

source <source-host-ip> }}[s-port{ <port1> | range <sPortMin> <sPortMax> }] {{

<destination> <destination-wildcard> } | any-destination | {host-destination

<destination-host-ip> }} [d-port { <port3> | range <dPortMin> <dPortMax> }]

[ack+fin+psh+rst+urg+syn] [precedence <precedence> ] [tos <tos> ] [time-range

<time-range-name> ]

 access-list <num> {deny|permit}{any-source-mac| {host-source-mac <host_smac> }|{

<smac> <smac-mask> }}{any-destination-mac| {host-destination-mac <host_dmac>

}|{ <dmac> <dmac-mask> }}udp {{ <source> <source-wildcard> }|any-source| {host-

source <source-host-ip> }}[s-port{ <port1> | range <sPortMin> <sPortMax> }] {{

<destination> <destination-wildcard> }|any-destination| {host-destination

<destination-host-ip> }}[d-port{ <port3> | range <dPortMin> <dPortMax> }]

[precedence <precedence> ] [tos <tos> ][time-range <time-range-name> ]

 access-list <num> {deny|permit}{any-source-mac| {host-source-mac <host_smac> }|{

<smac> <smac-mask> }} {any-destination-mac|{host-destination-mac <host_dmac>

}|{ <dmac> <dmac-mask> }} {eigrp|gre|igrp|ip|ipinip|ospf|{ <protocol-num> }} {{

<source> <source-wildcard> }|any-source|{host-source <source-host-ip> }} {{

<destination> <destination-wildcard> }|any-destination| {host-destination

<destination-host-ip> }} [precedence <precedence> ] [tos <tos> ][time-range <time-

range-name> ]

 Functions: Define an extended numeric MAC-IP ACL rule, no command deletes a

extended numeric MAC-IP ACL access-list rule.

 Parameters: num access-list serial No. this is a decimal’s No. from 3100-3299; deny if

rules are matching, deny to access; permit if rules are matching, permit to access; any-

source-mac: any source MAC address; any-destination-mac: any destination MAC

address; host_smac , smac: source MAC address; smac-mask: mask (reverse mask) of

source MAC address ; host_dmac , dmas destination MAC address; dmac-mask mask

(reverse mask) of destination MAC address; protocol No. of name or IP protocol. It can

be a key word: eigrp, gre, icmp, igmp, igrp, ip, ipinip, ospf, tcp, or udp, or an integer

from 0-255 of list No. of IP address. Use key word ‘ip’ to match all Internet protocols

(including ICMP, TCP, AND UDP) list; source-host-ip, source No. of source network or

source host of packet delivery. Numbers of 32-bit binary system with dotted decimal

notation expression; host: means the address is the IP address of source host,

otherwise the IP address of network; source-wildcard: reverse of source IP. Numbers of

32-bit binary system expressed by decimal’s numbers with four-point separated,

reverse mask; destination-host-ip, destination No. of destination network or host to

which packets are delivered. Numbers of 32-bit binary system with dotted decimal

Qtech QSW-8200-52T-AC Команды для функции безопасности онлайн [14/114] 481623

Содержание

Похожие устройства