7000 Series L3 Managed Switch Reference Manual for Software v2.0
10-4 ACL Commands
This command specifies a destination layer 4 port match condition for an ACL rule referenced by
the <aclid> and <rulenum>. The <startport> and <endport> parameters identify the first and
last ports that are part of the port range. They have values from 0 to 65535. The ending port must
have a value equal or greater than the starting port. The starting port, ending port, and all ports in
between will be part of the destination port range.
Either this command or the config acl match destl4port keyword command may be used to
specify a destination layer 4 port range as a match condition.
Format config acl rule match dstl4port range <aclid> <rulenum> <startport>
<endport>
config acl rule match everyThis command specifies a match condition in which all packets match for an ACL rule referenced
by the <aclid> and <rulenum>. The parameter <true/false> indicates to reinforce or negate
every match condition.
Format config acl rule match every <aclid> <rulenum> <true/false>
This command specifies the IP DiffServ Code Point (DSCP) field for an ACL rule referenced by
the <aclid> and <rulenum>. The DSCP is defined as the high-order six bits of the Service Type
octet in the IP header. The <dscpval> parameter identifies the DSCP field and is an integer from
0 to 63.
The commands to match IP DSCP, IP precedence, and IP TOS are alternative ways to specify a
match criterion for the same Service Type field in the IP header, however each uses a different user
notation.
Format config acl rule match ipdscp <aclid> <rulenum> <dscpval>