Configuring an ACE TCP flag

Configure ACE TCP flag entries to have the filter look for packets with a specific TCP flag.

Before you begin

  • The ACL exists.

  • The ACE exists.

Procedure

  1. In the navigation tree, expand the following folders: Configuration > Security > Data Path.
  2. Click Advanced Filters (ACE/ACLs).
  3. Click the ACL tab.
  4. Select the appropriate ACL.
  5. Click ACE.
  6. Select the appropriate ACE.
  7. Click Proto.
  8. Click the TCP Flags tab.
  9. Click Insert.
  10. Specify the operator for the TCP flags entry.
  11. In the List box, specify the TCP flags to match.
  12. Click Insert.

TCP Flags field descriptions

Use the data in the following table to use the TCP Flags tab.

Name

Description

AclId

Specifies the ACL ID.

AceId

Specifies the ACE ID.

Oper

The eq and mask parameters specify an operator for a field match condition: equal to or mask. The mask operator is an implied eq on the mask bits.

List

Specifies one or more TCP flags—none, fin (finish connection), syn (synchronize), rst (reset connection), push, ack (acknowledge), urg (urgent), and undefined.

OperMask

Specifies the mask value.
9037147-00 Rev AB