HP xw460c Blade manual ACL Ethernet Filter configuration, ACL IP Version 4 Filter configuration

Page 148

ACL Ethernet Filter configuration

Command: /cfg/acl/acl <1-762>/ethernet

[Filtering Ethernet

Menu]

smac

- Set

to filter on source MAC

dmac

- Set

to filter on destination MAC

vlan

- Set

to filter on VLAN ID

etype

- Set

to filter on ethernet type

pri

- Set

to filter on priority

reset

- Reset all fields

cur

- Display current parameters

 

 

 

This menu allows you to define Ethernet matching criteria for an ACL. The following table describes the Ethernet Filter Configuration Menu options.

Table 161 Ethernet Filter Configuration Menu options

Command

Description

 

 

smac <MAC address> <MAC mask>

Defines the source MAC address and MAC mask for this ACL.

 

For example:

 

00:60:cf:40:56:00 ff:ff:ff:ff:ff:fc

 

 

dmac <MAC address> <MAC mask>

Defines the destination MAC address and MAC mask for this

 

ACL. For example:

 

00:60:cf:40:56:00 ff:ff:ff:ff:ff:fc

 

 

vlan <1-4095> <VLAN mask (0xfff)>

Defines a VLAN number and mask for this ACL.

 

 

etype ARPIPIPv6MPLSRARPany0xXXXX

Defines the Ethernet type for this ACL.

 

 

pri <0-7>

Defines the Ethernet priority value for the ACL.

 

 

reset

Resets Ethernet parameters for the ACL to their default values.

 

 

cur

Displays the current Ethernet parameters for the ACL.

 

 

ACL IP Version 4 Filter configuration

Command: /cfg/acl/acl <1-762>/ipv4

 

 

 

[Filtering IPv4 Menu]

 

sip

- Set to filter on source IP address

 

dip

- Set to filter on destination IP address

 

proto

- Set to filter on protocol

 

tos

- Set to filter on TOS

 

reset

- Reset all fields

 

cur

- Display current parameters

 

 

 

This menu allows you to define IPv4 matching criteria for an ACL. The following table describes the IP version 4 Filter Configuration Menu options.

Table 162 IPv4 Filter Configuration Menu options

Command

Description

 

 

sip <IP address> <IP mask>

Defines a source IP address for the ACL. If defined, traffic with this source IP

 

address will match this ACL. Specify an IP address in dotted decimal notation.

 

For example, 100.10.1.1

 

 

dip <IP address> <IP mask>

Defines a destination IP address for the ACL. If defined, traffic with this

 

destination IP address will match this ACL. For example, 100.10.1.2

 

 

Configuration Menu 148

Page 147 Page 149
Image 148
Page 147 Page 149
Contents HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Page Contents Statistics Menu Configuration Menu 111 Index Command line interface Connecting to the switch IntroductionAdditional references Establishing a console connectionSetting an IP address Telnet GbE2c Ethernet Blade Switch IP addressEstablishing a Telnet connection Establishing an SSH connectionAccessing the switch # ssh user@GbE2c Ethernet Blade Switch IP addressIdle timeout Typographical conventions AaBbCc123Main Menu Menu summaryDelay Global commandsTraceroute host name IP address max-hops msec Command line history and editing Telnet hostname IP address portCommand line interface shortcuts Command stackingCommand abbreviation Tab completionConfiguring Simple Network Management Protocol support # /cfg/sys/access/snmp disableread onlyread/writeMain# /cfg # /cfg/sys/ssnmp/rcommwcommChanging the default administrator password Setting passwordsSystem# apply System# save Changing the default user password Changing the default operator password Information Menu Menu overviewSystem Information Menu SNMPv3 Information MenuAdminsha SNMPv3 USM User Table informationComm V1v2onlySNMPv3 Access Table information SNMPv3 View Table informationSNMPv3 Community Table information SNMPv3 Group Table informationPrefix SNMPv3 Target Address Table information SNMPv3 Target Parameters Table informationSNMPv3 Notify Table information Command /info/sys/snmpv3/notify NameTag V1v2trapv1v2trapSec Level SNMPv3 dump System information Show last 100 syslog messages System user informationLayer 2 information Cfg/sys/access/user/uid command8021x Stp Find MAC address Vlan FDB information menuPort port number Link Aggregation Control Protocol information Show all FDB informationLacp dump 802.1x information Port Auth Mode Authenticator PAE StateCommand /info/l2/stp Spanning Tree informationCurrent Root Path-CostPriority bridge HelloRapid Spanning Tree and Multiple Spanning Tree information Designated portDesg 8017 P2P2,Edge Desg 8018Disabled DSB Common Internal Spanning Tree information Trunk group information Disabled DSBDiscarding Disc , Learning LRN , Forwarding FWD , or Layer 2 general information Vlan informationLayer 3 information Route information Find IP addressGw IP address If IP addressShow all IP Route information Command /info/arp/dump IP address Flags MAC address ARP informationShow all ARP entry information VlanNbr nbr router-id A.B.C.D Ospf informationDbase Sumaddr Nsumadd Routes Dump Ospf interface information Ospf general informationOspf Database information menu Advrtr router-id A.B.C.D Asbrsum adv-rtr A.B.C.D Linkstateid A.B.C.DselfExt adv-rtr A.B.C.D linkstateid A.B.C.Dself Nw adv-rtr A.B.C.D linkstateid A.B.C.DselfRouting Information Protocol information Ospf route codes informationRIP Routes information IP information RIP user configurationIgmp multicast group information Igmp multicast router port information Command /info/l3/vrrp Vrrp informationVrrp information QoS information 802.1p informationQoS Menu 8021p Show QOS 802.1p information 8021pACL information Rmon Information MenuRmon history information IntervalCommand /info/rmon/event Rmon alarm informationRmon event information Link status information Port information Command /info/port Port Tag Rmon PvidVLANs Command /info/geaport Logical Port GEA Port0-based GEA Unit Uplink Failure Detection Enabled LtM status Down MemberLogical Port to GEA Port mapping Uplink Failure Detection informationCommand /info/dump Information dumpNtp clear Menu informationUfd clear Port Statistics Menu 802.1x statistics AuthenticatingAuthSuccessesWhile BackendNonNakResponsesFrom Bridging statisticsSupplicant Ethernet statistics Dot3StatsFCSErrors Dot3StatsInternalMacTransmitErrorsDot3StatsSingleCollisionFrames Dot3StatsMultipleCollisionFramesInterface statistics Internet Protocol IP statistics Link statisticsPort Rmon statistics Layer 2 statistics FDB statisticsLacp statistics Layer 3 statisticsArp clear Clrigmp 1- 4095 allGEA Layer 3 statistics menu GEA Layer 3 statisticsIP statistics L3 bucket for An IP address DumpRoute statistics ARP statisticsDNS statistics Icmp statisticsTCP statistics UDP statistics Command /stats/l3/ospf Igmp Multicast Group statisticsOspf statistics menu Ospf stats MenuOspf global statistics Tx ls Updates Nbr changeTimers Kickoff Vrrp statisticsCommand /stats/l3/rip Management Processor statisticsRIP statistics Packet statisticsAllocs 10ad41e8/10ad5790CPU statistics Access Control List ACL statistics menuACL statistics Snmp statistics Only NTP statistics Command /stats/dump Uplink Failure Detection statisticsStatistics dump Number of times LtM link in BlockingConfiguration Menu Saving the configuration Viewing, applying, reverting, and saving changesViewing pending changes Applying pending changesSystem configuration RemindersSystem host log configuration Line to endBannr 1-80 characters Host IP addressConsole disableenable Secure Shell Server configurationLog featureall enabledisable Radius server configuration Command /cfg/sys/radiusIntrval Sshport TCP port numberTACACS+ server configuration Telnet enabledisable Port TCP port numberNTP server configuration System Snmp configurationDlight disableenable Command /cfg/sys/ssnmpName 1-64 characters SNMPv3 configurationCharacters User Security Model configuration V1v2 disableenableSNMPv3 View configuration Name 1-32 charactersTree 1-32 characters Mask 1-32 charactersView-based Access Control Model configuration SNMPv3 Group configurationUsmsnmpv1snmpv2 Level NoAuthNoPrivauthNoUsmsnmpv1snmpv2 Uname SNMPv3 Community Table configurationDel Deletes the vacmSecurityToGroup entry Cur SNMPv3 Target Address Table configuration SNMPv3 Target Parameters Table configurationAddr transport Address ip Port transportSNMPv3 Notify Table configuration Snmpv1snmpv2csnmp ModelSystem Access configuration Management Networks configurationUser ID configuration User Access Control configurationUseroperadmin Name Https Access configuration Port configurationAccess enabledisable Name 1-64 characters none Port link configuration Temporarily disabling a port802.1x configuration Layer 2 configurationPort ACL/QoS configuration Mode force 802.1x Global configurationUnauthautoforce-auth 802.1x Port configuration Reauth onoffMode rstpmstp RevCommon Internal Spanning Tree configuration Bridge parameter menuPort parameter menu 4095Cist bridge configuration Cist port configurationSpanning Tree configuration Edge disableenableCost Link autop2psharedBridge Spanning Tree configuration Spanning Tree port configuration Cur Display current port Spanning Tree parametersStatic FDB configuration Forwarding Database configurationFastfwd disableenable Trunk configuration MAC address Vlan portClear mac MAC AddressVLAN 1-4095 Port port numberAll Add port numberLayer 2 IP Trunk Hash configuration IP Trunk Hash configurationLink Aggregation Control Protocol configuration Lacp Port configuration Vlan configurationTimeout shortlong Mode offactivepassivePort number Layer 3 configurationList of port numbers Addr IP address IP interface configurationMask IP subnet mask IP Static Route configuration Default Gateway configurationAddress Resolution Protocol configuration IP Forwarding configurationNetwork Filter configuration Dirbr disableenableAp AS number AS number AS Route Map configurationLp 0-4294967294 none IP Access List configuration Autonomous System Path configurationMetric 1-4294967294none Action permitdenyRouting Information Protocol configuration RIP Interface configuration Open Shortest Path First configuration RIP Route Redistribution configurationAdd 1-32 1-32all Remove 1-32 1-32allOsfp Area Index configuration Default 1-16777215 12noneMd5key 1-255 characters Redist fixedstaticripOspf Summary Range configuration Auth nonepasswordmd5Areaid IP address Type transitstubnssaOspf Interface configuration Mask IP address maskKey key stringnone Mdkey 1-255noneKey password Ospf Virtual Link configurationNbr IP address Ospf Host Entry configuration Ospf Route Redistribution configurationRem 1-32 1-32 ... all Export 1-16777215 12noneIgmp configuration Ospf MD5 Key configurationIgmp snooping configuration Aggr disableenableFastlv 1-4095 disableenable Srcip IP addressIgmp static multicast router configuration Igmp filtering configurationAdd port number 1-4095 FilterIgmp filtering port configuration Igmp filter definitionRange IP multicast address IP Multicast addressBootstrap Protocol Relay configuration Domain Name System configurationVirtual Router Redundancy Protocol configuration Vrrp Virtual Router configurationPreem disableenable Vrrp Virtual Router Priority Tracking configuration Vrrp Virtual Router Group configurationVrs disableenable Ifs disableenableVrrp Virtual Router Group Priority Tracking configuration Vrrp Tracking configuration Vrrp Interface configurationPassw password Access Control configuration Quality of Service configurationQoS 802.1p configuration Access Control List configuration Egrport port numberAction permitdenysetprio Stats edACL Ethernet Filter configuration ACL IP Version 4 Filter configurationSport 1-65535 port mask ACL TCP/UDP Filter configurationFlags value 0x0-0x3f ACL Meter configuration ACL Re-mark configurationEnable ed CirACL Re-mark In-Profile Update User Priority configuration ACL Re-mark In-Profile configurationACL Re-mark Out-of-Profile configuration ACL Packet Format configuration Remote Monitoring configurationACL Group configuration Ifoid 1-127 characters Rmon history configurationOwner 1-127 characters Rmon event configuration Rmon alarm configurationDescn 1-127 characters Type nonelogtrapbothPort mirroring Rlimit -2147483647 to2147483647 Flimit -2147483647 toUplink Failure Detection configuration Port-based port mirroringAdd mirrored port inoutboth Rem mirrored portFailure Detection Pair configuration Link to Monitor configurationAddport port number Remport port numberSaving the active switch configuration Link to Disable configurationDump Addport port number Remport port numberCommand /cfg/gtcfg FTP/TFTP server filename Restoring the active switch configurationConfiguration# gtcfg FTP/TFTP server filename Operations Menu Operations-level port optionsOperations-level port 802.1x options Reset ReauthOperations-level Vrrp options Updating the switch software image Downloading new software to the switchSelecting a software image to run AddressUploading a software image from the switch Selecting a configuration blockBoot Options# ptimg Boot Options# confResetting the switch Accessing the IscliBoot Options# reset Boot Options# curMaintenance Menu System maintenance options Forwarding Database optionsFlags new Nvram flags word as 0xXXXXXXXXDebugging options ARP cache optionsIgmp Multicast Group options IP Route Manipulation optionsBroadcastmartian Igmp Snooping options Igmp Mrouter optionsFTP/TFTP system dump put Uuencode flash dumpClearing dump information Panic command Command /maint/panicConfirm dump and reboot y/n y Unscheduled system dumpsIndex
Related manuals
Manual 33 pages 57.51 Kb
Top Page Image Contents