Filter For Ethertype; Filter For Ip Addresses Or Ranges; Filters For The Ip Payload Protocol; Filter For Tcp And Udp Ports - ABB EDS500 Series Function Manual

Ethernet & dsl switches

Hide thumbs Also See for EDS500 Series:

Manual (46 pages)

Operating instruction (7 pages)

Operating instructions manual (6 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

page of 156

/ 156
Contents
Table of Contents
Bookmarks

Table of Contents

Access Lists

2.25.3

Filter for Ethertype

To check the Ethertype field of a frame the parameter can either be set as a number (0x0800

to 0xffff), or as keyword (ip for the Internet protocol (version 4), arp for the Address

Resolution Protocol).

Commands to filter for Ethertype:

< a c c e s s - l i s t { 1 - 1 6 } { d e n y - r u l e | p e r m i t - r u l e } { 1 - 1 6 }

e t h e r t y p e { a r p | i p | { 0 x 0 8 0 0 - 0 x f f f f } } >

2.25.4

Filter for IP Addresses or Ranges

The target and source IP addresses can be entered explicitly. It is also possible to enter

subnet ranges by adding the subnet mask. The Ethernet frame implicitly has to contain an IP

packet to match this criterion.

Commands to filter for IP addresses or ranges:

< a c c e s s - l i s t { 1 - 1 6 } { d e n y - r u l e | p e r m i t - r u l e } { 1 - 1 6 } i p

[ { d e s t i n a t i o n | s o u r c e } { I P a d d r e s s } [ { s u b n e t m a s k } ] ] >

2.25.5

Filters for the IP Payload Protocol

The payload protocol that is contained in the IP packet payload data can be checked by either

entering the protocol ID as a number (0 to 255) or as a keyword (tcp for the Transmission

Control protocol, udp for the User Datagram protocol, icmp for the Internet Control Message

protocol). The Ethernet frame implicitly has to contain an IP packet to match this criterion.

Commands to filter for IP follow-up protocol:

< a c c e s s - l i s t { 1 - 1 6 } { d e n y - r u l e | p e r m i t - r u l e } { 1 - 1 6 }

p r o t o c o l { t c p | u d p | i c m p | { 0 - 2 5 5 } } >

2.25.6

Filter for TCP and UDP Ports

The target and source port for TCP and/or UDP packets can be checked. The Ethernet frame

implicitly has to contain a TCP/IP or UDP/IP packet to match this criterion.

Commands to fFilter for TCP/UDP ports

< a c c e s s - l i s t { 1 - 1 6 } { d e n y - r u l e | p e r m i t - r u l e } { 1 - 1 6 } t c p

d s t - p o r t { 0 - 6 5 5 3 5 } >

< a c c e s s - l i s t { 1 - 1 6 } { d e n y - r u l e | p e r m i t - r u l e } { 1 - 1 6 } t c p

s r c - p o r t { 0 - 6 5 5 3 5 } >

< a c c e s s - l i s t { 1 - 1 6 } { d e n y - r u l e | p e r m i t - r u l e } { 1 - 1 6 } u d p

d s t - p o r t { 0 - 6 5 5 3 5 } >

< a c c e s s - l i s t { 1 - 1 6 } { d e n y - r u l e | p e r m i t - r u l e } { 1 - 1 6 } u d p

s r c - p o r t { 0 - 6 5 5 3 5 } >

2.25.7

Access Control Lists as Incoming or Outgoing Packet Filter for

Interfaces

Each access control list can be set as packet filter at the interfaces of EDS500 devices for

incoming and outgoing direction.

Functions

1KGT151021 V000 1

Table of Contents

Show Quick Links

Quick Links:
Configuration Via the Serial Interface

Hide quick links:

Table of Contents

Filter For Ethertype; Filter For Ip Addresses Or Ranges; Filters For The Ip Payload Protocol; Filter For Tcp And Udp Ports - ABB EDS500 Series Function Manual

Filter for Ethertype

Filter for IP Addresses or Ranges

Filters for the IP Payload Protocol

Filter for TCP and UDP Ports

Hide quick links:

Related Manuals for ABB EDS500 Series

Related Content for ABB EDS500 Series

Table of Contents