Configure an ACE TCP Flag

Configure ACE TCP flag entries to have the filter look for packets with a specific TCP flag.

Before you begin

  • The ACL exists.

  • The ACE exists.

Procedure

  1. In the navigation pane, expand Configuration > Security > Data Path.
  2. Select Advanced Filters (ACE/ACLs).
  3. Select the ACL tab.
  4. Select the appropriate ACL.
  5. Select ACE.
  6. Select the appropriate ACE.
  7. Select Proto.
  8. Select the TCP Flags tab.
  9. Select Insert.
  10. Specify the operator for the TCP flags entry.
  11. In the List box, specify the TCP flags to match.
  12. Select Insert.

TCP Flags Field Descriptions

Use the data in the following table to use the TCP Flags tab.

Name

Description

AclId

Specifies the ACL ID.

AceId

Specifies the ACE ID.

Oper

The eq and mask parameters specify an operator for a field match condition: equal to or mask. The mask operator is an implied eq on the mask bits.

List

Specifies one or more TCP flags—none, fin (finish connection), syn (synchronize), rst (reset connection), push, ack (acknowledge), urg (urgent), and undefined.

OperMask

Specifies the mask value.
9037809-01 Rev AA