Lucent Technologies P550R, P220 manual Policy Commands

Page 35

Policy Commands

Table 1-12 shows new and changed Policy Commands in Release 4.0.1:

Table 1-12: Policy Commands

Old Command

New Command

New Definition/Argument

To Enable:

N/A

There is no default.

ip access-group

 

 

<access-list-name>

 

 

[default-action-deny]

 

 

To Disable:

 

 

[no] ip access-group

 

 

 

 

 

To Enable:

To Enable:

<protocol-id> – name or

 

[ip] access-list

number of an IP protocol. It can be

ip access-list

<access-list-name>

one of the keywords eigrp, gre,

<access-list-name>

<access-list-index>

icmp, igmp, igrp, ip, ipinip, nos,

<access-list-index>

{permitdenyfwd1-8}

ospf, tcp, or udp, or an integer in

{permitdenyfwd[1-8]}

<protocol-id>{<source-

the range 0 to 255 representing an

{<source-ip-addr>

ip-addr> <source-

IP protocol number. To match any

[<source-wildcard>]

wildcard>anyhost

Internet protocol (including ICMP,

anyhost <source-ip-

<source-ip-addr> }

TCP, and UDP) use the keyword

addr>}

[{lteqgtrange}

ip.

 

<port> [<port>]]

<dest-ip-addr> – number of

 

{<dest-ip-addr> <dest-

the network or host to which the

 

wildcard> any host

packet is being sent. Use a 32-bit

 

<dest-ip-addr> }

quantity in four-part, dotted-

 

[{lteqgtrange}

decimal format. Use the keyword

 

<port> [<port>]]

any as an abbreviation for a dest

 

[established]

and dest -wildcard of 0.0.0.0 and

 

 

255.255.255.255. Use "host <dest-

 

 

ip-addr>" as an abbreviation for a

 

 

destination with dest-wildcard of

 

 

0.0.0.0.

 

 

 

To Disable:

To Disable:

<dest-wildcard> – wildcard

[no] ip access-list

N/A

bits to be applied to the

<access-list-name>

 

destination. Use a 32-bit quantity

[<access-list-index>]

 

in four-part, dotted-decimal

 

 

format. Place ones in the bit

 

 

positions you want to ignore.

 

 

operator – (Optional) Compares

 

 

source or destination ports.

 

 

Possible operands include: lt = less

 

 

than, gt =greater than, eq=equal,

 

 

neq =not equal, and range

 

 

=inclusive range.

 

 

If the operator is positioned after the

 

 

source and source-wildcard, it must

 

 

match the source port.

 

 

If the operator is positioned after the

 

 

destination and destination-wildcard,

 

 

it must match the destination port.

 

 

 

Cajun P220, P550, P550R Switch Release Notes, Release 4.0.1

35

Image 35
Contents Software Release November Page Read Me First Overview New Features BOOTP/DHCP Relay Gateway Additional Undocumented FeaturesVlan Source Interface Determination BOOTP/DHCP Relay GatewayProduct Binary Files Product BinariesModule Descriptions InstallationDowngrading to a Previous Release Upgrading from Release 3.1 or Previous Releases Cajun P220, P550, P550R Switch Release Notes, Release Workarounds Problems and WorkaroundsCajun 48-Port 10/100 Media Module Cajun DocServer Command Line InterfaceHot Swap Modules Frames Transmitted with CRC ErrorsFront Panel Display HardwareM5520-TX Auto-negotiation with Xircom Adapter Cards Short Cables May Cause Auto-negotiation ProblemsLoopback Tests M5520-TX Loopback Tests During Cold StartExample Intelligent MulticastingPiggyback Ports OspfSpanning Tree SnmpPPP and Telnet Time ZonesDuplicate Vlan Error Message Ieee 802.1Q Packets Vlan IssuesConfiguring VLANs Hot Swapping Modules Functional RestrictionsPing Gigabit Ports Do Not Perform Auto-negotiationAuto-Negotiation Web ConfigurationSetting the Spanning Tree Mode Redundant Controller SupportFile Naming Standard for Embedded Nvram File System Tftp Download Status DelayBug Fixes Buffering Commands Additional Undocumented CommandsBuffering Commands Mod-swport-spec Mod-swport-spec Mod-swport-spec switch portFabric-port-spec fabric port specifier Threshold 0,127,255 Dvmrp CommandsDvmrp Commands IP Commands Igmp CommandsIP Commands Igmp CommandsNamestatic AddrifIPX Commands IPX CommandsBothinboundoutbound Ipx max-service-entriesMax-service-entries DisabledLdap Commands Ldap CommandsNo logging history Logging Commands10 Logging Commands No logging consoleNo logging traps Ospf Commands11 Ospf Commands No logging shutdown12 Policy Commands Policy Commands65535 Sample-interval Port Commands13 Port Commands Mod-swport-spec specifies15 Switch IP Commands Snmp CommandsSwitch IP Commands 14 Snmp CommandsUrlip ip-addr System Commands16 System Commands 17 UI Commands UI CommandsIpx-network.next-hop