DathBraz

Untitled

Aug 27th, 2025 (edited)
  ! Control-plane (CPU) protection ACL profile: a list of permit entries for
  ! management, routing and L2 control traffic, one targeted deny (entry 261)
  ! and a final catch-all deny (entry 1023).
  ! NOTE(review): the notes below assume entries are evaluated in ascending
  ! entry number and the first match decides -- confirm against the platform
  ! documentation.
  ! NOTE(review): none of the port matches is paired with an ip-protocol match;
  ! confirm whether the platform applies them to both TCP and UDP.
  1. access-list
  2.  acl-profile cpu l3 control-plane-protection
  3.   priority 0
  ! Inbound SSH to the device, limited to the IPv4 management range.
  ! NOTE(review): this entry uses 10.255.254.0/23 while entry 31 (NETCONF) uses
  ! 10.255.254.0/24 -- confirm which prefix length is intended.
  4.   access-list-entry 10
  5.    description PERMIT_SSH_TO_EQUIPMENT
  6.    match source-ipv4-address 10.255.254.0/23
  7.    match destination-port ssh
  8.    action permit
  9.   !
  ! NOTE(review): matches on source port only, with no address or destination
  ! port. The source port is chosen by the sender, so this entry does not limit
  ! who can reach the CPU. The same applies to entries 40, 41, 42, 131, 161,
  ! 191, 251 and 283. Consider adding a source-address match for the known
  ! servers/peers to each of them.
  10.   access-list-entry 20
  11.    description PERMIT_SSH_FROM_EQUIPMENT
  12.    match source-port ssh
  13.    action permit
  14.   !
  ! Inbound SSH to the device from the IPv6 management prefix.
  15.   access-list-entry 21
  16.    description PERMIT_SSH_IPv6_TO_EQUIPMENT
  17.    match source-ipv6-address 2001:c0a8:ff23::/64
  18.    match destination-port ssh
  19.    action permit
  20.   !
  ! NETCONF (port 830) from the IPv4 management range.
  21.   access-list-entry 31
  22.    description PERMIT_NETCONF_PROTOCOL
  23.    match source-ipv4-address 10.255.254.0/24
  24.    match destination-port 830
  25.    action permit
  26.   !
  ! AAA replies (TACACS+ 49, RADIUS 1812/1813), matched on source port only.
  27.   access-list-entry 40
  28.    description PERMIT_TACACS_PROTOCOL
  29.    match source-port 49
  30.    action permit
  31.   !
  32.   access-list-entry 41
  33.    description PERMIT_RADIUS_AUTHENTICATION
  34.    match source-port 1812
  35.    action permit
  36.   !
  ! NOTE(review): port 1813 is the registered RADIUS accounting port; the
  ! description below says AUTHORIZATION.
  37.   access-list-entry 42
  38.    description PERMIT_RADIUS_AUTHORIZATION
  39.    match source-port 1813
  40.    action permit
  41.   !
  ! L2/L3 control protocols permitted from any source: ARP, ICMPv4, ICMPv6,
  ! slow protocols (0x8809), xSTP, EAPS.
  42.   access-list-entry 60
  43.    description PERMIT_ARP_PROTOCOL
  44.    match ethertype arp
  45.    action permit
  46.   !
  47.   access-list-entry 70
  48.    description PERMIT_ICMPv4_PROTOCOL
  49.    match ip-protocol icmp
  50.    action permit
  51.   !
  52.   access-list-entry 80
  53.    description PERMIT_ICMPv6_PROTOCOL
  54.    match ip-protocol ipv6-icmp
  55.    action permit
  56.   !
  57.   access-list-entry 90
  58.    description PERMIT_SLOW_PROTOCOLS
  59.    match ethertype 0x8809
  60.    action permit
  61.   !
  62.   access-list-entry 100
  63.    description PERMIT_xSTP_PROTOCOL
  64.    match ethertype 0x4242
  65.    action permit
  66.   !
  67.   access-list-entry 110
  68.    description PERMIT_EAPS_PROTOCOL
  69.    match ethertype 0xaaaa
  70.    action permit
  71.   !
  ! Routing and signalling protocols (BFD 3784, OSPF, LDP 646, RSVP), permitted
  ! without any peer address restriction.
  72.   access-list-entry 130
  73.    description PERMIT_DESTINATION_BFD_PROTOCOL
  74.    match destination-port 3784
  75.    action permit
  76.   !
  77.   access-list-entry 131
  78.    description PERMIT_SOURCE_BFD_PROTOCOL
  79.    match source-port 3784
  80.    action permit
  81.   !
  82.   access-list-entry 140
  83.    description PERMIT_OSPF_PROTOCOL
  84.    match ip-protocol 89
  85.    action permit
  86.   !
  87.   access-list-entry 160
  88.    description PERMIT_DESTINATION_LDP_PROTOCOL
  89.    match destination-port 646
  90.    action permit
  91.   !
  92.   access-list-entry 161
  93.    description PERMIT_SOURCE_LDP_PROTOCOL
  94.    match source-port 646
  95.    action permit
  96.   !
  97.   access-list-entry 170
  98.    description PERMIT_RSVP_PROTOCOL
  99.    match ip-protocol 46
  100.    action permit
  101.   !
  ! NOTE(review): permits every packet with TTL 1, whatever its source or
  ! protocol. Confirm this breadth is needed; if not, narrow it to the
  ! protocols that rely on TTL 1.
  102.   access-list-entry 180
  103.    description PERMIT_TTL_1_PACKET
  104.    match ttl 1
  105.    action permit
  106.   !
  ! TWAMP control traffic (port 862) in both directions.
  107.   access-list-entry 190
  108.    description PERMIT_CONTROL_PACKETS_TWAMP_PROTOCOL
  109.    match destination-port 862
  110.    action permit
  111.   !
  112.   access-list-entry 191
  113.    description PERMIT_CONTROL_PACKETS_TWAMP_PROTOCOL
  114.    match source-port 862
  115.    action permit
  116.   !
  ! NOTE(review): matches the address pair only, so all traffic from
  ! 172.30.1.2 to 172.30.1.3 is permitted, not just TWAMP test packets.
  117.   access-list-entry 192
  118.    description PERMIT_DATA_PACKETS_TWAMP_PROTOCOL
  119.    match destination-ipv4-address 172.30.1.3/32
  120.    match source-ipv4-address 172.30.1.2/32
  121.    action permit
  122.   !
  ! NOTE(review): the description says TFTP, but the match is on source address
  ! alone, so every protocol from this host is permitted to the CPU.
  123.   access-list-entry 200
  124.    description PERMIT_TFTP_PACKETS_FROM_SERVER
  125.    match source-ipv4-address 100.76.180.180/32
  126.    action permit
  127.   !
  ! OAM/CFM, PPPoE discovery, DHCPv4/DHCPv6, MC-LAG (30012) and VRRP.
  128.   access-list-entry 210
  129.    description PERMIT_OAM_CFM_PROTOCOLS
  130.    match ethertype 0x8902
  131.    action permit
  132.   !
  133.   access-list-entry 220
  134.    description PERMIT_PPPoE_PROTOCOL
  135.    match ethertype pppoed
  136.    action permit
  137.   !
  138.   access-list-entry 230
  139.    description PERMIT_DHCPv4_SERVER_PROTOCOL
  140.    match destination-port 67
  141.    action permit
  142.   !
  143.   access-list-entry 231
  144.    description PERMIT_DHCPv4_CLIENT_PROTOCOL
  145.    match destination-port 68
  146.    action permit
  147.   !
  148.   access-list-entry 240
  149.    description PERMIT_DHCPv6_PROTOCOL
  150.    match destination-port 547
  151.    action permit
  152.   !
  153.   access-list-entry 250
  154.    description PERMIT_MCLAG_PROTOCOL
  155.    match destination-port 30012
  156.    action permit
  157.   !
  158.   access-list-entry 251
  159.    description PERMIT_MCLAG_PROTOCOL
  160.    match source-port 30012
  161.    action permit
  162.   !
  163.   access-list-entry 260
  164.    description PERMIT_VRRP_PROTOCOL
  165.    match ip-protocol 112
  166.    action permit
  167.   !
  ! NOTE(review): the two rows of asterisks around entry 261 do not look like
  ! configuration syntax; they appear to be markers added by the author of the
  ! paste and would need to be removed before loading this into a device.
  ! NOTE(review): entry 261 is numbered after entries 10-260. If evaluation is
  ! first-match in ascending order, traffic to 45.235.162.203 that matches an
  ! earlier permit (ICMP at 70, TTL 1 at 180, the source-port-only entries,
  ! and so on) is still accepted. The deny then only takes effect ahead of
  ! entries 280-284. If the intent is to deny all protocols to that address,
  ! the entry needs a number lower than the permits it should override.
  168. ************************
  169.   access-list-entry 261
  170.    description DENY_ALL-PROTOCOLS-TO-CLIS
  171.    match destination-ipv4-address 45.235.162.203/32
  172.    action deny
  173.   !
  174. ************************
  ! NOTE(review): SNMP (280), BGP (282) and NTP (284) are permitted by
  ! destination port with no source restriction, so any host that can route to
  ! the device reaches these services on the CPU. Consider limiting each to the
  ! known managers, peers and time servers.
  175.   access-list-entry 280
  176.    description PERMIT_SNMP_PROTOCOL
  177.    match destination-port snmp
  178.    action permit
  179.   !
  180.   access-list-entry 281
  181.    description PERMIT_LLDP_PROTOCOL
  182.    match ethertype 0x88cc
  183.    action permit
  184.   !
  185.   access-list-entry 282
  186.    description PERMIT_DESTINATION_BGP_PROTOCOL
  187.    match destination-port 179
  188.    action permit
  189.   !
  190.   access-list-entry 283
  191.    description PERMIT_SOURCE_BGP_PROTOCOL
  192.    match source-port 179
  193.    action permit
  194.   !
  195.   access-list-entry 284
  196.    description PERMIT_NTP_PROTOCOL
  197.    match destination-port ntp
  198.    action permit
  199.   !
  ! Catch-all: no match clause, so everything not permitted above is denied.
  200.   access-list-entry 1023
  201.    description DENY_ANY_TRAFFIC
  202.    action deny
  203.   !
  204.  !