TL-SL3428/TL-SL3452 JetStream L2 Managed Switch CLI Guide
150
source-ip —— The source IP address contained in the rule.
source-ip-mask —— The source IP address mask. It is required if you typed
the source IP address.
destination-ip —— The destination IP address contained in the rule.
destination-ip-mask —— The destination IP address mask. It is required if you
typed the destination IP address.
time-segment —— The time-range for the rule to take effect. By default, it is
not limited.
frag —— Enable/Disable Fragment. By default, it is disabled. If Fragment is
enabled, this rule will process all the fragments and the last piece of fragment
will be always forwarded.
dscp —— Specify the dscp value, ranging from 0 to 63.
s-port —— The source port number.
d-port —— The destination port number.
tcpflag —— Specify the flag value when using TCP protocol.
protocol —— Configure the value of the matching protocol.
icmptype —— Configure the predefined ICMP type.
icmpcode —— Configure the predefined ICMP code.
tos—— Enter the IP ToS contained in the rule.
pri —— Enter the IP Precedence contained in the rule.
Command Mode
Global Configuration Mode
Example
Create an Extended-IP ACL whose ID is 220, and add Rule 10 for it. In the rule,
the source IP address is 192.168.0.100, the source IP address mask is
255.255.255.0, the time-range for the rule to take effect is tSeg1, and the
packets match this rule will be forwarded by the switch:
TL-SL3428(config)#access-list create 220
TL-SL3428(config)#access-list extended 220 rule 10 permit sip 192.168.0.100
smask 255.255.255.0 tseg tSeg1