CSCF ACL Configuration Mode Commands


CSCF ACL Configuration Mode Commands
 
 
The CSCF ACL (Access Control List) Configuration Mode is used to configure session permissions (permit/deny access) within the system.
 
Important: The commands or keywords/variables that are available are dependent on platform type, product version, and installed license(s).
 
after
Places the CSCF ACL entry at the bottom or end of the ACL. Use this command in conjunction with the permit and/or deny commands.
Product
SCM
Privilege
Administrator
Syntax
after
Usage
Add this command before the permit and/or deny commands to place the entry at the end of the ACL.
 
before
Places the CSCF ACL entry at the beginning or top of the ACL. Use this command in conjunction with the permit and/or deny commands.
Product
SCM
Privilege
Administrator
Syntax
before
Usage
Add this command before the permit and/or deny commands to place the entry at the beginning of the ACL.
 
deny
Configures the system to deny subscriber sessions based on criteria matching the received packet.
Product
SCM
Privilege
Administrator
Syntax
deny { any | destination aor aor | log { any | destination aor aor | source { address ip_address | aor aor } | source { address ip_address | aor aor } }
no deny { any | destination aor aor | source { address ip_address | aor aor } }
any
Filters all CSCF sessions.
destination aor aor
Filters sessions based on the destination AoR. aor must be an existing AoR from 1 to 79 characters in length.
Important: AoR regular expressions are supported. Refer to the SCM Engineering Rules Appendix in the Session Control Manager Administration Guide for more information about regular expressions.
log { any | destination aor aor | source { address ip_address | aor aor } }
Enables logging for CSCF sessions meeting the criteria specified in the ACL. The logs can be viewed by executing the logging filter active facility acl-log command in the Exec mode.
Specifies the criteria that packets will be compared against. The following criteria is supported:
source address ip_address
source { address ip_address | aor aor }
Filters session based on the source IP address or AoR.
ip_address must be expressed in dotted decimal notation for IPv4 or colon notation for IPv6.
aor must be an existing AoR from 1 to 79 characters in length.
Important: AoR regular expressions are supported. Refer to the SCM Engineering Rules Appendix in the Session Control Manager Administration Guide for more information about regular expressions.
no deny { any | destination aor aor | source { address ip_address | aor aor } }
Removes specified filter criteria.
Usage
Specifies the subscriber sessions to deny based on the criteria specified.
Example
The following command denies access to subscribers with a source address of 1.2.3.4:
deny source address 1.2.3.4
 
end
Exits the current mode and returns to the Exec Mode.
Product
All
Privilege
Administrator
Syntax
end
Usage
Change the mode back to the Exec mode.
 
exit
Exits the current mode and returns to the previous mode.
Product
All
Privilege
Administrator
Syntax
exit
Usage
Return to the previous mode.
 
permit
Configures the system to allow subscriber sessions based on criteria matching the received packet.
Product
SCM
Privilege
Administrator
Syntax
permit { any | destination aor aor | log { any | destination aor aor | source { address ip_address | aor aor } | source { address ip_address | aor aor } }
no permit { any | destination aor aor | source { address ip_address | aor aor }}
any
Filters all CSCF sessions.
destination aor aor
Filters sessions based on the destination AoR.
aor must be an existing AoR from 1 to 79 characters in length.
Important: AoR regular expressions are supported. Refer to the SCM Engineering Rules Appendix in the Session Control Manager Administration Guide for more information about regular expressions.
log { any | destination aor aor | source { address ip_address | aor aor }}
Enables logging for CSCF sessions meeting the criteria specified in the ACL. The logs can be viewed by executing the logging filter active facility acl-log command in the Exec mode.
Specifies the criteria that packets will be compared against. The following criteria is supported:
source address ip_address
source { address ip_address | aor aor }
Filters session based on the source IP address or AoR.
ip_address must be expressed in dotted decimal notation for IPv4 or colon notation for IPv6.
aor must be an existing AoR from 1 to 79 characters in length.
Important: AoR regular expressions are supported. Refer to the SCM Engineering Rules Appendix in the Session Control Manager Administration Guide for more information about regular expressions.
no permit { any | destination aor aor | source { address ip_address | aor aor } }
Removes specified filter criteria.
Usage
Specifies the subscriber sessions to permit based on the criteria specified.
Example
The following command permits access to subscribers with a destination AoR of $.@abc123.com:
permit destination aor $.@abc123.com
 
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883