OcNOS-SP : NetConf Command Reference : NetConf Reference : IPI-ACL
IPI-ACL
Configure type
Type indicates the fields allowed in the ACL entries belonging to the ACL set (e.g., ip, ipv6, etc.)
Attribute Name: type
Attribute Type: enum (mac|ip|ipv6|arp)
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set> <!-- operation="delete"-->
<type>ip</type>
<config>
<type>ip</type>
<name>WORD</name>
</config>
<name>NAME</name>
</acl-set>
</acl-sets>
</acl>
Command Syntax
ip access-list NAME
Configure name
Type indicates the fields allowed in the ACL entries belonging to the ACL set (e.g., ip, ipv6, etc.)
Attribute Name: type
Attribute Type: enum (mac|ip|ipv6|arp)
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set> <!-- operation="delete"-->
<type>ipv6</type>
<config>
<type>ipv6</type>
<name>WORD</name>
</config>
<name>NAME</name>
</acl-set>
</acl-sets>
</acl>
Command Syntax
ipv6 access-list NAME
Configure description
Description, or comment, for the ACL set
Attribute Name: description
Attribute Type: string
Attribute Range: 1-100
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<description>LINE</description> <!-- operation="delete"-->
</acl-set>
</acl-sets>
</acl>
Command Syntax
remark LINE
Configure ipv6 disable default icmpv6 rule
Use this attribute to inform that the default icmpv6 rule is disable for the IPv6 ACL.
Attribute Name: ipv6-disable-default-icmpv6-rule
Attribute Type: uint8
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
</ipv6-disable-default-icmpv6-rule><!-- operation="delete"-->
</acl-set>
</acl-sets>
</acl>
Command Syntax
no 268435453 permit icmpv6 any any
Configure starting sequence number
Use this attribute to set starting sequence number for resequencing
Attribute Name: starting-sequence-number
Attribute Type: uint32
Attribute Range: 1-268435453
Attribute Name: increment-steps
Attribute Type: uint32
Attribute Range: 1-268435453
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<re-sequence>
<config>
<increment-steps>1</increment-steps> <!-- operation="delete"-->
<starting-sequence-number>1</starting-sequence-number> <!-- operation="delete"-->
</config>
</re-sequence>
</acl-set>
</acl-sets>
</acl>
Command Syntax
resequence <1-268435453> <1-268435453>
Configure forwarding action default
Use this attribute to set default forwarding action
Attribute Name: forwarding-action-default
Attribute Type: enum (deny-all|permit-all)
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<default-actions>
<config>
<forwarding-action-default>deny-all</forwarding-action-default> <!-- operation="delete"-->
</config>
</default-actions>
</acl-set>
</acl-sets>
</acl>
Command Syntax
default (deny-all|permit-all)
Configure inner vlan id
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: union
Attribute Name: destination-address
Attribute Type: union
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any|host A.B.C.D|A.B.C.D/M|A.B.C.D A.B.C.D) (any|host A.B.C.D|A.B.C.D/M|A.B.C.D A.B.C.D) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure sequence id
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: dscp
Attribute Type: union
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<dscp>default</dscp> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) dscp (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7|<0-63>) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure forwarding action
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: precedence
Attribute Type: union
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<precedence>routine</precedence> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) precedence (routine|priority|immediate|flash|flashoverride|critical|internet|network|<0-7>) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure protocol tcp
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: union
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip|<0-65535>) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure source address
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: dscp
Attribute Type: enum (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<dscp>default</dscp> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) dscp (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure destination address
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: precedence
Attribute Type: enum (routine|priority|immediate|flash|flashoverride|critical|internet|network)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<precedence>routine</precedence> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) precedence (routine|priority|immediate|flash|flashoverride|critical|internet|network) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure lower destination port in range
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: lower-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<lower-destination-port-in-range>0</lower-destination-port-in-range> <!-- operation="delete"-->
<upper-destination-port-in-range>0</upper-destination-port-in-range> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) range <0-65535> <0-65535> ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure upper destination port in range
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: lower-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: dscp
Attribute Type: enum (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<lower-destination-port-in-range>0</lower-destination-port-in-range> <!-- operation="delete"-->
<upper-destination-port-in-range>0</upper-destination-port-in-range> <!-- operation="delete"-->
<dscp>default</dscp> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) range <0-65535> <0-65535> dscp (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure precedence
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: lower-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: precedence
Attribute Type: enum (routine|priority|immediate|flash|flashoverride|critical|internet|network)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<lower-destination-port-in-range>0</lower-destination-port-in-range> <!-- operation="delete"-->
<upper-destination-port-in-range>0</upper-destination-port-in-range> <!-- operation="delete"-->
<precedence>routine</precedence> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (any) range <0-65535> <0-65535> precedence (routine|priority|immediate|flash|flashoverride|critical|internet|network) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure source port operator
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: source-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-source-port
Attribute Type: union
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<source-port-operator>eq</source-port-operator> <!-- operation="delete"-->
<tcp-source-port>echo</tcp-source-port> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip|<0-65535>) (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure tcp source port
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: source-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-source-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: dscp
Attribute Type: enum (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<source-port-operator>eq</source-port-operator> <!-- operation="delete"-->
<tcp-source-port>echo</tcp-source-port> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<dscp>default</dscp> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) dscp (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure destination port operator
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: source-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-source-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: precedence
Attribute Type: enum (routine|priority|immediate|flash|flashoverride|critical|internet|network)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<source-port-operator>eq</source-port-operator> <!-- operation="delete"-->
<tcp-source-port>echo</tcp-source-port> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<precedence>routine</precedence> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) precedence (routine|priority|immediate|flash|flashoverride|critical|internet|network) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure tcp flags
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: source-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-source-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: lower-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<source-port-operator>eq</source-port-operator> <!-- operation="delete"-->
<tcp-source-port>echo</tcp-source-port> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<lower-destination-port-in-range>0</lower-destination-port-in-range> <!-- operation="delete"-->
<upper-destination-port-in-range>0</upper-destination-port-in-range> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) (any) range <0-65535> <0-65535> ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure dscp
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: source-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-source-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: lower-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: dscp
Attribute Type: enum (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<source-port-operator>eq</source-port-operator> <!-- operation="delete"-->
<tcp-source-port>echo</tcp-source-port> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<lower-destination-port-in-range>0</lower-destination-port-in-range> <!-- operation="delete"-->
<upper-destination-port-in-range>0</upper-destination-port-in-range> <!-- operation="delete"-->
<dscp>default</dscp> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) (any) range <0-65535> <0-65535> dscp (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure vlan id
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: source-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-source-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: lower-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-destination-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: precedence
Attribute Type: enum (routine|priority|immediate|flash|flashoverride|critical|internet|network)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<source-port-operator>eq</source-port-operator> <!-- operation="delete"-->
<tcp-source-port>echo</tcp-source-port> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<lower-destination-port-in-range>0</lower-destination-port-in-range> <!-- operation="delete"-->
<upper-destination-port-in-range>0</upper-destination-port-in-range> <!-- operation="delete"-->
<precedence>routine</precedence> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) (any) range <0-65535> <0-65535> precedence (routine|priority|immediate|flash|flashoverride|critical|internet|network) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure lower source port in range
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: lower-source-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-source-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<lower-source-port-in-range>0</lower-source-port-in-range> <!-- operation="delete"-->
<upper-source-port-in-range>0</upper-source-port-in-range> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) range <0-65535> <0-65535> (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure upper source port in range
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: lower-source-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-source-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: dscp
Attribute Type: enum (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<lower-source-port-in-range>0</lower-source-port-in-range> <!-- operation="delete"-->
<upper-source-port-in-range>0</upper-source-port-in-range> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<dscp>default</dscp> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) range <0-65535> <0-65535> (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) dscp (default|cs1|af11|af12|af13|cs2|af21|af22|af23|cs3|af31|af32|af33|cs4|af41|af42|af43|cs5|ef|cs6|cs7) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure tcp destination port
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-tcp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: lower-source-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: upper-source-port-in-range
Attribute Type: uint16
Attribute Range: 0-65535
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: tcp-destination-port
Attribute Type: enum (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip)
Attribute Name: precedence
Attribute Type: enum (routine|priority|immediate|flash|flashoverride|critical|internet|network)
Attribute Name: tcp-flags
Attribute Type: bits (ack|established|fin|psh|rst|syn|urg)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-tcp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<lower-source-port-in-range>0</lower-source-port-in-range> <!-- operation="delete"-->
<upper-source-port-in-range>0</upper-source-port-in-range> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<tcp-destination-port>echo</tcp-destination-port> <!-- operation="delete"-->
<precedence>routine</precedence> <!-- operation="delete"-->
<tcp-flags>ack</tcp-flags> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) tcp (any) range <0-65535> <0-65535> (any) (eq|neq|lt|gt) (echo|discard|daytime|chargen|ftp-data|ftp|ssh|telnet|smtp|time|whois|tacacs|domain|gopher|finger|www|hostname|pop2|pop3|sunrpc|ident|nntp|bgp|irc|pim-auto-rp|exec|login|cmd|lpd|talk|uucp|klogin|kshell|drip) precedence (routine|priority|immediate|flash|flashoverride|critical|internet|network) ({ack|established|fin|psh|rst|syn|urg}|) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure protocol udp
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-udp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-udp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) udp (any) (any) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure udp destination port
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-udp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: udp-destination-port
Attribute Type: union
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-udp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<udp-destination-port>echo</udp-destination-port> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) udp (any) (any) (eq|neq|lt|gt) (echo|discard|time|nameserver|tacacs|domain|bootps|bootpc|tftp|sunrpc|ntp|netbios-ns|netbios-dgm|netbios-ss|snmp|snmptrap|xdmcp|dnsix|mobile-ip|pim-auto-rp|isakmp|biff|who|syslog|talk|rip|non500-isakmp|<0-65535>) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure udp source port
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-udp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: source-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: udp-source-port
Attribute Type: union
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: destination-port-operator
Attribute Type: enum (eq|neq|lt|gt)
Attribute Name: udp-destination-port
Attribute Type: enum (echo|discard|time|nameserver|tacacs|domain|bootps|bootpc|tftp|sunrpc|ntp|netbios-ns|netbios-dgm|netbios-ss|snmp|snmptrap|xdmcp|dnsix|mobile-ip|pim-auto-rp|isakmp|biff|who|syslog|talk|rip|non500-isakmp)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-udp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<source-port-operator>eq</source-port-operator> <!-- operation="delete"-->
<udp-source-port>echo</udp-source-port> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<destination-port-operator>eq</destination-port-operator> <!-- operation="delete"-->
<udp-destination-port>echo</udp-destination-port> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) udp (any) (eq|neq|lt|gt) (echo|discard|time|nameserver|tacacs|domain|bootps|bootpc|tftp|sunrpc|ntp|netbios-ns|netbios-dgm|netbios-ss|snmp|snmptrap|xdmcp|dnsix|mobile-ip|pim-auto-rp|isakmp|biff|who|syslog|talk|rip|non500-isakmp|<0-65535>) (any) (eq|neq|lt|gt) (echo|discard|time|nameserver|tacacs|domain|bootps|bootpc|tftp|sunrpc|ntp|netbios-ns|netbios-dgm|netbios-ss|snmp|snmptrap|xdmcp|dnsix|mobile-ip|pim-auto-rp|isakmp|biff|who|syslog|talk|rip|non500-isakmp) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure protocol icmp
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-icmp
Attribute Type: empty
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
</protocol-icmp><!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) icmp (any) (any) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Configure protocol name
Use this attribute to set the inner-vlan-id
Attribute Name: inner-vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Attribute Name: forwarding-action
Attribute Type: enum (deny|permit)
Attribute Name: protocol-name
Attribute Type: union
Attribute Name: source-address
Attribute Type: enum (any)
Attribute Name: destination-address
Attribute Type: enum (any)
Attribute Name: vlan-id
Attribute Type: uint16
Attribute Range: 1-4094
Netconf edit-config payload
<acl xmlns="http://www.ipinfusion.com/yang/ocnos/ipi-acl">
<acl-sets>
<acl-set>
<type>mac</type>
<config>
<type>mac</type>
<name>WORD</name>
</config>
<name>NAME</name>
<acl-entries>
<acl-entry>
<sequence-id>1</sequence-id>
<config>
<sequence-id>1</sequence-id>
</config>
<ipv4>
<config>
<forwarding-action>deny</forwarding-action> <!-- operation="delete"-->
<protocol-name>igmp</protocol-name> <!-- operation="delete"-->
<source-address>any</source-address> <!-- operation="delete"-->
<destination-address>any</destination-address> <!-- operation="delete"-->
<vlan-id>1</vlan-id> <!-- operation="delete"-->
<inner-vlan-id>1</inner-vlan-id> <!-- operation="delete"-->
</config>
</ipv4>
</acl-entry>
</acl-entries>
</acl-set>
</acl-sets>
</acl>
Command Syntax
(<1-268435453>|) (deny|permit) (igmp|ipip|ipv6ip|rsvp|gre|esp|ahp|eigrp|ospf|pim|ipcomp|vrrp|any|<0-255>) (any) (any) (vlan <1-4094>|) (inner-vlan <1-4094>|)
Last modified date: 08/22/2023