Mac Acls; Ip Acls - D-Link DWS-3000 Series Configuration Manual

Configuration Guide
•
The order of the rules is important: when a packet matches multiple rules, the first rule
takes precedence. Also, once you define an ACL for a given port, all traffic not specifi-
cally permitted by the ACL is denied access.

MAC ACLs

MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect the following fields of a
packet:
•
Source MAC address
•
Source MAC mask
•
Destination MAC address
•
Destination MAC mask
•
VLAN ID
•
Class of Service (CoS) (802.1p)
•
Ethertype
L2 ACLs can apply to one or more interfaces.
Multiple access lists can be applied to a single interface - sequence number determines the
order of execution.
You can assign packets to queues using the assign queue option.

IP ACLs

IP ACLs classify for Layers 3 and 4.
Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the
contents of a given field should be used to permit or deny access to the network, and may
apply to one or more of the following fields within a packet:
•
Destination IP with wildcard mask
•
Destination L4 Port
•
Every Packet
•
IP DSCP
•
IP Precedence
•
IP TOS
•
Protocol
•
Source IP with wildcard mask
•
Source L4 port
•
Destination Layer 4 port
92 © 2001- 2011 D-Link Corporation. All Rights Reserved.