ACL TCP/UDP Filter configuration | HP BMD00022 guide

ACL TCP/UDP Filter configuration

Command: /cfg/acl/acl <1-384>/tcpudp

[Filtering TCP/UDP Menu]


sport	- Set to filter on			TCP/UDP source port
dport	- Set to filter		on TCP/UDP destination port
flags	- Set to filter		TCP/UDP flags
reset	-	Reset all fields
cur	-	Display current parameters

This menu allows you to define TCP/UDP matching criteria for an ACL. The following table describes the TCP/UDP Filter Configuration Menu options.

Table 174 TCP/UDP Filter Configuration Menu options

Command	Description

sport <1-65535> <port mask>	Defines a source port for the ACL. If defined, traffic with the specified
	TCP or UDP source port will match this ACL. Specify the port number.
	Some of the well-known ports include:
	•	Number—Name
	•	20—ftp-data
	•	21—ftp
	•	22—ssh
	•	23—telnet
	•	25—smtp
	•	37—time
	•	42—name
	•	43—whois
	•	53—domain
	•	69—tftp
	•	70—gopher
	•	79—finger
	•	80—http

dport <1-65535>	Defines a destination port for the ACL. If defined, traffic with the
	specified TCP or UDP destination port will match this ACL. Specify the
	port number, just as with sport above.

flags <value (0x0-0x3f)>	Defines a TCP/UDP flag for the ACL.

reset	Resets the TCP/UDP parameters for the ACL to their default values.

cur	Displays the current TCP/UDP Filtering parameters.

Configuration Menu 194

Image 194

HP BMD00022 manual ACL TCP/UDP Filter configuration, Command /cfg/acl/acl 1-384/tcpudp, Filtering TCP/UDP Menu

Contents

HP 10Gb Ethernet BL-c Switch Legal notices Contents 100 Statistics Menu 103 101102 105 165 163164 168 Index 224 Additional references Connecting to the switchIntroduction Parameter Value Setting an IP addressEstablishing a console connection Establishing an SSH connection Telnet 10GbE switch IP addressEstablishing a Telnet connection 3DES # ssh user@10Gb switch IP address Accessing the switchYou will then be prompted to enter your password Idle timeout User account Description and tasks performed AaBbCc123 Typeface or Meaning Example SymbolTypographical conventions Address Main Menu Menu summary Command Action Global commandsFollowing table describes the global commands Or print Verbose n Traceroute host name IP address max-hops msec delayExit or Quit Telnet hostname IP address port -m-mgt-d-data Command line history and editing Option Description Command abbreviation Command line interface shortcutsCommand stacking Tab completion Configuration Menu is displayed Main# /cfg Changing the default administrator password Setting passwordsConfiguring Simple Network Management Protocol support Use the following command to enable Snmp Enter the new administrator password, again, at the prompt Enter the current administrator password at the promptEnter the new administrator password at the prompt System Menu is displayed Changing the default user password Changing the default operator password Enter new operator password Enter the new operator password at the promptEnter the new operator password, again, at the prompt Re-enter new operator password Menu overview Command /infoCommand Usage Following table describes the Information Menu options Command /info/sys System Information Menu Command /info/sys/snmpv3 SNMPv3 Information Menu SNMPv3 USM User Table information Command /info/sys/snmpv3/usmCommand /info/sys/snmpv3/view SNMPv3 View Table information Following table describes the SNMPv3 View Table information SNMPv3 Access Table informationCommand /info/sys/snmpv3/access SNMPv3 Group Table information Command /info/sys/snmpv3/groupCommand /info/sys/snmpv3/comm SNMPv3 Community Table information SNMPv3 Target Address Table information Command /info/sys/snmpv3/taddrCommand /info/sys/snmpv3/tparam SNMPv3 Target Parameters Table information NameTag V1v2trapv1v2trap Command /info/sys/snmpv3/notifySNMPv3 Notify Table information Command /info/sys/snmpv3/dump SNMPv3 dump Command /info/sys/gen System information Command /info/sys/log Show last 100 syslog messages System user information Command /info/sys/userCfg/sys/access/user/uid command Following table describes the User Name information Command /info/l2 Layer 2 information Find MAC address Vlan Command /info/l2/fdbFDB information menu Port port number Link Aggregation Control Protocol information Command /info/l2/fdb/dumpCommand /info/l2/lacp Show all FDB information Hot Links Trigger information Command /info/l2/lacp/dumpCommand /info/l2/hotlink/trigger Lacp dump Following table describes the Ieee 802.1X parameters Command /info/l2/8021x802.1X information Authenticator PAE State Backend Auth State Command /info/l2/stp Spanning Tree information Parameters Description Desg 8018 Rapid Spanning Tree / Multiple Spanning Tree informationDesg 8017 P2P2,Edge Parameter Description Command /info/l2/cist Common Internal Spanning Tree information Following table describes the Cist parameters Cist Root Trunk group 1, Enabled port state STG 1 forwarding Command /info/l2/trunkCommand /info/l2/vlan Trunk group information STP uplink fast mode Command /info/l2/uplinkSTP uplink fast mode disabled Fast Uplink Convergence status Command /info/l3 Layer 3 information Route information Command /info/l3/routeCommand /info/l3/route/dump Show all IP Route information Following table describes the Type parameter Following table describes the Tag parameter ARP information Command /info/arpCommand /info/arp/dump Show all ARP entry information Ospf information Command /info/arp/addrCommand /info/l3/ospf ARP address list information Ospf general information Command /info/l3/ospf/generalCommand /info/l3/ospf/if Ospf interface information Command /info/l3/ospf/dbase Ospf Database information menu Rtr adv-rtr A.B.C.D Command /info/l3/ospf/routesOspf route codes information Linkstateid A.B.C.Dself RIP Routes information RIP user configurationRouting Information Protocol information Command /info/l3/ip IP information Command /info/l3/igmp/dump Command /info/l3/igmpTimer information Igmp multicast group information Igmp multicast router information 4094 Command /info/l3/vrrp Vrrp information Command /info/l3/sm/port Server Mobility Port information QoS information Command /info/qosCommand /info/qos/8021p 802.1p information Command /info/acl ACL information Rmon Information Menu Command /info/rmonCommand /info/rmon/hist Rmon history information Rmon alarm information Command /info/rmon/alarm Command /info/rmon/event Trap, both Command /info/link Link status information Port information Command /info/portCommand /info/transcvr Transceiver status Uplink Failure Detection information Command /info/ufdCommand /info/dump Information dump Following table describes the Statistics Menu options Command /statsMenu information Ntp clear Sfd clear Command /stats/port port numberPort Statistics Menu Statistics Port Command /stats/port port number/8021x802.1X statistics BackendNonNakResponsesFromSupplic ant Statistics Description Command /stats/port port number/brgBridging statistics Command /stats/port port number/ether Ethernet statistics Dot3StatsMultipleCollisionFrames Dot3StatsInternalMacTransmitErrorsDot3StatsCarrierSenseErrors object Dot3StatsSingleCollisionFrames object Command /stats/port port number/if Interface statistics Octets-IfHCOut Errors-IfHCInErrors-IfHCOut UcastPkts-IfHCOut Internet Protocol IP statistics Command /stats/port port number/ipCommand /stats/port port number/link Link statistics Command /stats/port port number/rmon Port Rmon statistics EtherStatsCollisions EtherStatsFragmentsEtherStatsJabbers EtherStatsPkts64Octets Layer 2 statistics Command /stats/l2/fdbCommand /stats/l2/lacp port number FDB statistics Following table describes the Hot Links statistics Command /stats/l2/hotlinkHot Links statistics Statistic Description Arp clear Command /stats/l3Layer 3 statistics Igmpgrps GEA Layer 3 statistics menu Command /stats/l3/geal3Command /stats/l3/geal3/dump GEA statistics Following table describes the IP statistics Command /stats/l3/ipIP statistics Route statistics ARP statisticsDNS statistics Command /stats/l3/icmp Icmp statistics Command /stats/l3/tcp TCP statistics Semantics of the Ubound quantity described in RFC UDP statistics Command /stats/l3/udpCommand /stats/l3/igmp Vlan number Igmp Multicast Group statistics Following table describes the Ospf statistics menu options Command /stats/l3/ospfOspf statistics menu Following table describes the Ospf global statistics Command /stats/l3/ospf/generalOspf global statistics Rx ls Acks Rx ls UpdatesTx ls Updates Tx ls Acks Timers Kickoff Hello Nbr change Following table describes the Vrrp statistics Command /stats/l3/vrrpVrrp statistics Command /stats/l3/rip RIP statistics Packet statistics Command /stats/mp/pktManagement Processor statistics Command /stats/mp/tcb Command /stats/mp/ucb ACL statistics Access Control List ACL statistics menuCPU statistics Command /stats/snmp Snmp statistics NoSuchName Command /stats/ntp NTP statistics Following table describes the NTP statistics Command /stats/ufdUplink Failure Detection statistics Primary Server Command /stats/dump Statistics dump Command /cfg Following table describes the Configuration Menu options Applying pending changes Viewing, applying, reverting, and saving changesViewing pending changes Reverting changes Cfg/sys/reminders dis Saving the configurationReminders # save System configuration Command /cfg/sys Command /cfg/sys/syslog System host log configurationAddress. The default value is enabled Multi-line to end Log featureall enabledisable Command DescriptionConsole disableenable Host IP address Intrval Secure Shell Server configurationCommand /cfg/sys/sshd Sshport TCP port number Radius server configuration Command /cfg/sys/radius TACACS+ server configuration Command /cfg/sys/tacacs+ Port TCP port number Cmap enabledisableUseroperadminnone Mgtdata NTP server configurationCommand /cfg/sys/ntp System Snmp configuration Command /cfg/sys/ssnmp Wcomm 1-32 characters SNMPv3 configurationCommand /cfg/sys/ssnmp/snmpv3 V1v2 disableenable User Security Model configurationCommand /cfg/sys/ssnmp/snmpv3/usm Name 1-32 characters SNMPv3 View configurationCommand /cfg/sys/ssnmp/snmpv3/view Characters Rview 1-32 characters View-based Access Control Model configurationCommand /cfg/sys/ssnmp/snmpv3/access Wview 1-32 characters Command /cfg/sys/ssnmp/snmpv3/group SNMPv3 Group configurationSNMPv3 Community Table configuration Command /cfg/sys/ssnmp/snmpv3/comm SNMPv3 Target Address Table configuration Command /cfg/sys/ssnmp/snmpv3/taddr AuthPriv SNMPv3 Target Parameters Table configurationCommand /cfg/sys/ssnmp/snmpv3/tparam Snmpv1snmpv2csnmpv3 Command /cfg/sys/ssnmp/snmpv3/notify System Access configurationSNMPv3 Notify Table configuration Command /cfg/sys/access Management Networks configuration Command /cfg/sys/access/mgmt Command /cfg/sys/access/user User Access Control configurationUser ID configuration Command /cfg/sys/access/user/uid Access enabledisable Https Access configurationCommand /cfg/sys/access/https Port configuration Command /cfg/port port number Temporarily disabling a port Port link configurationCommand /cfg/port port number/gig Port ACL/QoS configuration Command /cfg/port port number/aclqos Edge enabledisable Port Pvrst configurationCommand /cfg/port port number/stp Link autop2pshared Enabledisable Layer 2 configurationCommand /cfg/l2 Bpdugrd enabledisable 802.1X configuration Command /cfg/l2/8021x CommandDescription 802.1X Global configurationCommand /cfg/l2/8021x/global 802.1X Port Configuration Menu 802.1X Port configurationCommand /cfg/l2/8021x/port port number Applies the global 802.1X parameters to the port Rstpmstppvrst Command /cfg/l2/mrstRev Following configurations are supported Common Internal Spanning Tree configurationFollowing configurations are unsupported Command /cfg/l2/mrst/cist Cist bridge configuration Command /cfg/l2/mrst/cist/brg Cost Cist port configurationCommand /cfg/l2/mrst/cist/port port number Edge disableenable Spanning Tree configurationCommand /cfg/l2/stp Bridge Spanning Tree configuration Command /cfg/l2/stp/brg Spanning Tree port configuration Command /cfg/l2/stp 1-128/port port number Fastfwd disableenable Command /cfg/l2/fdb Forwarding Database configurationStatic FDB configuration Command /cfg/l2/fdb/static Add port number Trunk configurationCommand /cfg/l2/trunk Rem port number Command /cfg/l2/thash IP Trunk Hash configurationLayer 2 IP Trunk Hash configuration Command /cfg/l2/thash/set Command /cfg/l2/lacp Link Aggregation Control Protocol configurationLacp Port configuration Command /cfg/l2/lacp/port port number Def list of port numbers Vlan configurationCommand /cfg/l2/vlan Pty Ether2SNAPLLC Protocol Vlan configurationCommand /cfg/l2/vlan x/pvlan Ethernet type Tagpvl enabledisable Private Vlan configurationCommand /cfg/l2/vlan x/privlan Type primaryisolatedcommunity Bpdu enabledisable Hot Links configurationCommand /cfg/l2/hotlink Sndfdb enabledisable Command /cfg/l2/hotlink/trigger Hot Links Trigger configurationHot Links Master configuration Command /cfg/l2/hotlink/trigger 1-4/master Following table describes the Hot Links Backup Menu options Hot Links Backup configurationCommand /cfg/l2/hotlink/trigger 1-4/backup Gw 1-4 Layer 3 configurationCommand /cfg/l3 Relay disableenable IP interface configurationCommand /cfg/l3/if Addr IP address Arp disableenable Default Gateway configurationCommand /cfg/l3/gw 1-4 Command /cfg/l3/route IP Static Route configurationAddress Resolution Protocol configuration Command /cfg/l3/arp Command /cfg/l3/arp/static Static ARP configurationIP Forwarding configuration Command /cfg/l3/frwd Command /cfg/l3/nwf Network Filter configurationRoute Map configuration Command /cfg/l3/rmap Type 12none IP Access List configurationCommand /cfg/l3/rmap 1-32/alist Metric 1-16777214none Current Display current RIP configuration Routing Information Protocol configurationCommand /cfg/l3/rip Off Globally turn RIP Interface configuration Command /cfg/l3/rip/if Add 1-32 1-32all RIP Route Redistribution configurationCommand /cfg/l3/rip/redist fixedstaticospfeospf Remove 1-32 1-32all Md5key 1-255 characters Open Shortest Path First configurationCommand /cfg/l3/ospf Auth nonepasswordmd5 Osfp Area Index configurationCommand /cfg/l3/ospf/aindex Areaid IP address Command /cfg/l3/ospf/range Ospf Interface configurationOspf Summary Range configuration Command /cfg/l3/ospf/if Key key stringnone Mdkey 1-255none Key password Ospf Virtual Link configurationCommand /cfg/l3/ospf/virt Nbr IP address Command /cfg/l3/ospf/host Ospf Host Entry configurationOspf Route Redistribution configuration Command /cfg/l3/ospf/redist fixedstaticrip Export 1-16777215 12none Ospf MD5 Key configurationCommand /cfg/l3/ospf/md5key key ID Key 1-16 characters Command /cfg/l3/igmp Igmp configurationIgmp snooping configuration Command /cfg/l3/igmp/snoop Ports Flood disableenableAggr disableenable Igmpv3 IGMPv3 Snooping configuration Command /cfg/l3/igmp/snoop/igmpv3 Add port number 1-4094 Igmp static multicast router configurationIgmp filtering configuration Remove port number Command /cfg/l3/igmp/igmpflt/port port number Igmp filtering port configurationCommand /cfg/l3/igmp/igmpflt/filter Igmp filter definition Command /cfg/l3/dns Domain Name System configurationBootstrap Protocol Relay configuration Command /cfg/l3/bootp Filter enabledisable Server Mobility configurationCommand /cfg/l3/sm Nsmrelay enabledisable Addback port number Server Mobility port configurationCommand /cfg/l3/sm/port port number Remback port number Cur Display current Vrrp configuration Virtual Router Redundancy Protocol configurationCommand /cfg/l3/vrrp Vrrp Virtual Router configuration Command /cfg/l3/vrrp/vr Preem disableenable Vrrp Virtual Router Priority Tracking configurationCommand /cfg/l3/vrrp/vr 1-250/track Switch ports Vrs disableenable Vrrp Virtual Router Group configurationCommand /cfg/l3/vrrp/group Ifs disableenable Virtual Router Group Configuration Menu options Command /cfg/l3/vrrp/group/track Vrrp Virtual Router Group Priority Tracking configurationVrrp Interface configuration Command /cfg/l3/vrrp/if Vrrp Tracking configuration Command /cfg/l3/vrrp/track Command /cfg/qos Quality of Service configurationQoS 802.1p configuration Command /cfg/qos/8021p Command /cfg/acl Access Control configurationAccess Control List configuration Command /cfg/acl/acl ACL Ethernet Filter configuration Command /cfg/acl/acl 1-384/ethernet Sip IP address IP mask ACL IP Version 4 Filter configurationCommand /cfg/acl/acl 1-384/ipv4 Dip IP address IP mask Filtering TCP/UDP Menu ACL TCP/UDP Filter configurationCommand /cfg/acl/acl 1-384/tcpudp Sport 1-65535 port mask Command /cfg/acl/acl 1-384/meter ACL Meter configurationACL Re-mark configuration Command /cfg/acl/acl 1-384/re-mark Command /cfg/acl/acl 1-384/re-mark/inprof ACL Re-mark In-Profile configurationACL Re-mark In-Profile Update User Priority configuration Command /cfg/acl/acl 1-384/re-mark/inprof/up1p Command /cfg/acl/acl 1-384/re-mark/outprof ACL Packet Format configurationACL Re-mark Out-of-Profile configuration Command /cfg/acl/acl 1-384/pktfmt Add acl ACL Group configurationCommand /cfg/acl/group Rem acl Command /cfg/rmon Remote Monitoring configurationRmon history configuration Command /cfg/rmon/hist Following table describes the Rmon Event Menu options Rmon event configurationCommand /cfg/rmon/event Owner 1-127 characters Oid 1-127 characters Rmon alarm configurationCommand /cfg/rmon/alarm Rlimit -2147483647 to Port mirroring Command /cfg/pmirrMirror disableenable Monport port number Add mirrored port inoutboth Command /cfg/pmirr/monport port numberPort-based port mirroring Rem mirrored port Command /cfg/ufd Uplink Failure Detection configurationFailure Detection Pair configuration Command /cfg/ufd/fdp Removes a Lacp admin key from the LtM Link to Monitor configurationCommand /cfg/ufd/fdp/ltm Addport port number Addtrunk Link to Disable configurationAddport port number Remport port number Remtrunk Addkey Remkey Cur Command /cfg/ptcfg FTP/TFTP server filename Saving the active switch configurationRestoring the active switch configuration Command /cfg/gtcfg FTP/TFTP server filename Operations-level port options Command /operCommand /oper/port port number Following table describes the Operations Menu options Operations-level port 802.1X options Command /oper/port port number/8021xRmon disableenable Operations-level Vrrp options Command /oper/vrrpVrrp Operations Menu Back Set virtual router to backup Command /boot Updating the switch software imageDownloading new software to the switch Enter the name of the new software file on the server Enter the password for the FTP server if promptedEnter the hostname or IP address of the FTP or Tftp server Enter the port type to use for the file transfer New choice Uploading a software image from the switchSelecting a software image to run System prompts you for information. Enter the desired image Boot Options# conf Selecting a configuration blockResetting the switch Boot Options# reset Switch# boot cli-mode aos Accessing the IscliBoot Options# mode iscli Maintenance Menu Command /maint System Maintenance Menu Flags Set Nvram flag word System maintenance optionsCommand /maint/sys Flags new Nvram flags word as Forwarding Database options Command /maint/fdbCommand /maint/debug Debugging options MP trace buffer at 132815 Fri May 25, 2002 mask 0x2ffdf748 Command /maint/arpARP cache options IP Route Manipulation options Command /maint/routeCommand /maint/igmp Igmp Multicast Group options Igmp Snooping options Command /maint/igmp/snoopCommand /maint/igmp/mrouter Igmp Mrouter options Clearing dump information Uuencode flash dumpFTP/TFTP system dump put Enter y to confirm the command Panic commandCommand /maint/panic Unscheduled system dumps Index Page Rmon Snmp Vrrp