@@ -60,9 +60,10 @@ The table below provides guidance on the usage of parameters when creating ACLs:
60
60
| matchConditions | Conditions required to be matched | |
61
61
| ttlValues | TTL [ Time To Live] | 0-255 |
62
62
| dscpMarking | DSCP Markings that need to be matched | 0-63 |
63
+ | fargments | Specify the IP fragment packets | Range: 1-8191<br > Example: [ 1, 5, 1250-1300, 8000-8191] |
63
64
| portCondition | Port condition that needs to be matched | |
64
65
| portType | Port type that needs to be matched | Example: SourcePort |
65
- | ports | Port number that needs to be matched | Range: 0-65535<br > Example: [ 500, 520, 1025-1050, 1075, 1250-1300 , 64000-65535] |
66
+ | ports | Port number that needs to be matched | Range: 0-65535<br > Example: [ 1, 10, 500, 1025-1050 , 64000-65535] |
66
67
| protocolTypes | Protocols that need to be matched | [ tcp, udp, range[ 1-2, 1, 2]] |
67
68
| vlanMatchCondition | VLAN match condition that needs to be matched | |
68
69
| layer4Protocol | Layer 4 Protocol | should be either TCP or UDP |
@@ -78,6 +79,7 @@ The table below provides guidance on the usage of parameters when creating ACLs:
78
79
> - Egress ACLs do not support certain options like IP options, IP length, fragment, ether-type, DSCP marking, and TTL values.<br >
79
80
> - Ingress ACLs do not support the following options: etherType.<br >
80
81
> - Ports inputs can be ` port-number ` or ` range-of-ports ` .<br >
82
+ > - fFragment inputs can be ` port-number ` or ` range-of-ports ` .<br >
81
83
82
84
### Example payload for ACL creation
83
85
0 commit comments