How to Add Comments to Map Rules
You can add comments to map rules. Use comments to label the purpose of a rule or the type of traffic covered by a rule.
You can add comments to the following CLI map commands:
• | map rule add pass |
• | map rule add drop |
• | map gsrule add pass |
• | map gsrule add drop |
• | map flowrule add pass gtp |
• | map flowrule add drop gtp |
Map rule comments are optional on these commands.
Consider the following when adding map rule comments:
• | Use up to 128 characters, including spaces. |
• | Enclose the comment in quotation marks, if the comment is longer than one word. |
• | To include double quotation marks (") inside the quotation marks, precede it with a backslash (\). |
Map Rule Comments Examples
The following are individual examples of valid map rule comments.
Command |
(config) # map alias 1 rule add pass ipver 4 comment “Allow IPv4” |
(config) # map alias 1 rule add pass macdst 11:22:33:44:55:66 00:00:00:00:00:00 comment “Allow MAC dst 11:22:33:44:55:66” |
(config) # map alias 1 rule add drop ipver 6 comment “Drop IPv6” |
(config) # map alias 1 rule add drop macdst 11:22:33:44:55:66 00:00:00:00:00:00 comment “Drop MAC dst 11:22:33:44:55:66” |
(config) # map alias 1 gsrule add pass ipver any value 4 comment "Allow IPv4" |
(config) # map alias 1 gsrule add drop ipv6 flow-label any value 6 comment "Drop IPv6" |
(config) # map alias 1 flowrule add pass gtp imsi 123456 comment "Allow imsi 123456" |
(config) # map alias 1 flowrule add drop gtp imsi 123456 comment "Drop imsi 123456" |
(config) # map alias 1 rule add pass ipver 4 comment “Allow \“IPv4\”” |
Note: Error messages are displayed when a comment is invalid, for example:
• | if the comment is longer than one word and does not include double quotation marks |
• | if the comment is longer than 128 characters |
• | if the rule with which the comment is included is not valid |
Map Rule Logic Examples
For example, the rules shown in the following table are both set up with criteria for vlan 100 and portsrc 23.
• | The first example combines the two criteria into a single rule. This joins the criteria with a logical AND. |
• | The second example creates two separate rules – one for each of the criteria. This joins the criteria with a logical OR. |
|
CLI Commands |
Description |
Criteria in Single Rule Joined with AND |
(config map alias mymap) # rule add pass vlan 100 portsrc 23 |
Creates single rule with two criteria – VLAN ID 100 and source port 23. Because the criteria are in a single rule, they are joined with a logical AND. This means that a packet must match both VLAN 100 and portsrc 23 to match this rule. |
Multiple Rules Joined with OR |
(config map alias mymap) # rule add pass vlan 100 |
Creates a rule in the map called mymap for VLAN ID 100. |
(config map alias mymap) # rule add pass portsrc 23 |
Creates a rule in the map called mymap for source port 23. Because the criteria are in separate rules, they are joined with a logical OR. This means that a packet can match either VLAN 100 or portsrc 23 to match this map. |