Chapter 1 Controlling CSS Access

Controlling CSS Network Traffic Through Access Control Lists

Table 1-2provides variables and options for the clause command. Bolded syntax defines keywords that you enter on the command line. Italics define variables where you enter a value such as an IP address or a host name.

Table 1-2 Clause Command Options

Variables and

 

Options

Parameters

 

 

number

The number you want to assign to the clause. Enter a

 

number from 1 to 254.

 

 

action

The action to apply to the clause. Enter one of the

 

following: bypass, deny, permit

 

 

protocol

The protocol for the traffic type. Enter one of the

 

following: any, icmp, igp, igmp, ospf, tcp, udp

 

 

source_info

The source of the traffic. Enter one of the following:

 

ip_address (optionally include subnet mask in IP

 

address format only) for the source IP address and

 

optional mask IP address.

 

hostname for the source host name. Enter a host name

 

in mnemonic host-name format. Configure the CSS

 

DNS client first to enable the CSS to translate the host

 

name.

 

any for any combination of source IP address and host

 

name information.

 

nql nql_name for an existing Network Qualifier List

 

(NQL) consisting of a list of IP addresses.

 

 

 

 

Cisco Content Services Switch Security Configuration Guide

 

 

 

 

 

 

OL-5650-02

 

 

1-21

 

 

 

Page 45
Image 45
Cisco Systems OL-5650-02 manual Variables Options Parameters