accesscontrolfilter

Use this command to configure an Access Control Filter for use with SNMP ACLs.

Usage

accesscontrolfilter <name>

snap-oob2(config)#accesscontrolfilter ACLtestfilter
snap-oob2(config-accesscontrolfilter)

Settings

Context Description
Description Optional description of the filter
DstNotEqual True/False Negative matching option for use with TCP/UDP ports only. This option can only be set to true when DstPortStart and DstPortEnd are the same value default: false
DstPortEnd TCP/UDP ending destination port value. The default value start/end values are 0 to 65535 which match any port. default: 65535
DstPortStart TCP/UDP starting destination port value. The default value start/end values are 0 to 65535 which match any port. default: 0
Ethertype (required) Frame ethertype applicable for MAC type of AccessControlFilter only. When used with IPv4 or IPv6 accessControlEntry ethertype is defaulted to 0x0800 and 0x86dd respectively.
Protocol (required) 0-255/ICMPv4/ICMPv6/IGMP/TCP/UDP/GRE/EIGRP/OSPF/PIM/L2TP TCP/UDP ending destination port value. Match on well known values or specify number between 0-255.
SrcNotEqual True/False Negative matching option for use with TCP/UDP ports only. This option can only be set to true when SrcPortStart and SrcPortEnd are the same value default: false
SrcPortEnd TCP/UDP ending source port value. The default value start/end values are 0 to 65535 which match any port. default: 65535
SrcPortStart TCP/UDP starting source port value. The default value start/end values are 0 to 65535 which match any port. default: 0
Type IPv4/IPv6/MAC Type of the AccessControlFilter default: IPv4

Available Commands

Command Purpose
accesscontrolfilter <name> Access Conrol filter name
accesscontrolfilter DstPortStart <integer> TCP/UDP starting destination port value.
accesscontrolfilter DstNotEqual <boolean> Negative matching option for use with TCP/UDP ports only.
accesscontrolfilter SrcNotEqual <boolean> Negative matching option for use with TCP/UDP ports only.
accesscontrolfilter Ethertype <integer> Frame ethertype applicable for MAC type of AccessControlFilter only.
accesscontrolfilter SrcPortStart <integer> TCP/UDP starting source port value.
accesscontrolfilter SrcPortEnd <integer> TCP/UDP ending source port value.
accesscontrolfilter DstPortEnd <integer> TCP/UDP ending destination port value.
accesscontrolfilter Protocol <string> IPv4 protocol field or ipv6 next-header field.
accesscontrolfilter Type <string> Type of the AccessControlFilter
accesscontrolfilter Description <string> Description of the filter (optional).

Example

Commands:

FlexSwitch(config)#accesscontrolfilter testACFilter
FlexSwitch(config-accesscontrolfilter)#Description "Example for docs"
FlexSwitch(config-accesscontrolfilter)#DstNotEqual false
FlexSwitch(config-accesscontrolfilter)#DstPortEnd 65535
FlexSwitch(config-accesscontrolfilter)#DstPortStart 0
FlexSwitch(config-accesscontrolfilter)#Ethertype 0x0800
FlexSwitch(config-accesscontrolfilter)#Protocol TCP 
FlexSwitch(config-accesscontrolfilter)#SrcNotEqual false
FlexSwitch(config-accesscontrolfilter)#SrcPortEnd 65535
FlexSwitch(config-accesscontrolfilter)#SrcPortStart 0
FlexSwitch(config-accesscontrolfilter)#Type IPv4

FlexSwitch(config-accesscontrolfilter)#apply

Response

FlexSwitch(config-accesscontrolfilter)#apply
Applying Config:
id: 1   object: AccessControlFilter   status: APPLIED CONFIG  valid: True delete: False num user cmds: 11
 command                         attr                   value               model attr      iskey    required    userprov    time provisioned         
------------------------------------------------------------------------------------------------------------------------------------------------------
 accesscontrolfilter             accesscontrolfilter    testACFilter        Name            True     X           X           Fri Sep  1 12:06:45 2017 
 testACFilter                                                                                                                                         
 Description Example for docs    Description            Example for docs    Description     False                X           Fri Sep  1 12:07:02 2017 
 DstNotEqual false               DstNotEqual            false               DstNotEqual     False                X           Fri Sep  1 12:07:19 2017 
 DstPortEnd 65535                DstPortEnd             65535               DstPortEnd      False                X           Fri Sep  1 12:07:40 2017 
 DstPortStart 0                  DstPortStart           0                   DstPortStart    False                X           Fri Sep  1 12:07:49 2017 
 Ethertype 0x0800                Ethertype              0x0800              Ethertype       False    X           X           Fri Sep  1 12:08:22 2017 
 Protocol TCP                    Protocol               TCP                 Protocol        False    X           X           Fri Sep  1 12:09:00 2017 
 SrcNotEqual false               SrcNotEqual            false               SrcNotEqual     False                X           Fri Sep  1 12:09:13 2017 
 SrcPortEnd 65535                SrcPortEnd             65535               SrcPortEnd      False                X           Fri Sep  1 12:09:29 2017 
 SrcPortStart 0                  SrcPortStart           0                   SrcPortStart    False                X           Fri Sep  1 12:09:40 2017 
 Type IPv4                       Type                   IPv4                Type            False                X           Fri Sep  1 12:09:49 2017 

sdk:createAccessControlFilter(testACFilter,0,TCP,DstNotEqual=False,SrcNotEqual=False,SrcPortStart=0,SrcPortEnd=65535,DstPortEnd=65535,DstPortStart=0,Type=IPv4,Description=Example for docs) result: SUCCESS: http status code: 201