Table of Contents
Advertisement
C
4: M
HAPTER
ANAGING
D
S
EVICE
ECURITY
Destination Port — Indicates the destination port that is matched
packets. Enabled only when TCP or UDP are selected in the
Protocol list.
TCP Flags — If checked, enables configuration of TCP flags
matched to the packet. The possible fields are:
Urg — Urgent pointer field significant. The urgent pointer
points to the sequence number of the octet following the
urgent data.
Ack — Acknowledgement field significant. The
acknowledgement field is the byte number of the next byte
that the sender expects to receive from the receiver.
Psh — Push (send) the data as soon as possible, without
buffering. This is used for interactive traffic.
Rst — Reset the connection. This invalidates the sequence
numbers and aborts the session between the sender and
receiver.
Syn — Synchronize Initial Sequence Numbers (ISNs). This is used
to initialize a new connection.
Fin — Finish. This indicates there is no more data from the
sender. This marks a normal closing of the session between the
sender and receiver.
For each TCP flag, the possible field values are:
Set — Enables the TCP flag.
Unset — Disables the TCP flag.
Don't Care — Does not check the packet's TCP flag.
Source IP Address — Matches the source IP address to which
packets are addressed to the ACL.
Wild Card Mask— Defines the source IP address wildcard mask.
Wildcard masks specify which bits are used and which bits are
ignored. A mask of 255.255.255.255 indicates that no bit is
important. A mask of 0.0.0.0 indicates that all the bits are
important. For example, if the source IP address is 149.36.184.198
and the wildcard mask is 255.255.255.00, the first three bytes of
the IP address are ignored, while the last eight bits are used.
Hide quick links:
Advertisement
Table of Contents
