88
C
3: M
HAPTER
ANAGING
D
S
EVICE
ECURITY
Destination Port — Indicates the destination port that is matched
■
packets. Enabled only when TCP or UDP are selected in the Protocol
list.
Any — Enables creating an ACL Based on any protocol.
■
Source IP Address — Matches the source IP address to which
■
packets are addressed to the ACL.
Wild Card Mask — Indicates the destination IP Address wild card
■
mask. Wild cards are used to mask all or part of a destination IP
Address. Wild card masks specify which bits are used and which
bits are ignored. A wild card mask of 255.255.255.255 indicates
that no bit is important. A wildcard of 00.00.00.00 indicates that
all bits are important. For example, if the destination IP address
149.36.184.198 and the wildcard mask is 255.36.184.00, the first
two bits of the IP address are used, while the last two bits are
ignored.
Destination IP Address — Matches the destination IP address to
■
which packets are addressed to the ACL.
Wild Card Mask — Indicates the destination IP Address wild card
■
mask. Wild cards are used to mask all or part of a destination IP
Address. Wild card masks specify which bits are used and which
bits are ignored. A wild card mask of 255.255.255.255 indicates
that no bit is important. A wildcard of 00.00.00.00 indicates that
all bits are important. For example, if the destination IP address
149.36.184.198 and the wildcard mask is 255.36.184.00, the first
two bits of the IP address are used, while the last two bits are
ignored.
Match DSCP — Matches the packet DSCP value to the ACL. Either
■
the DSCP value or the IP Precedence value is used to match packets
to ACLs.
Match IP Precedence — Matches the packet IP Precedence value to
■
the ACE. Either the DSCP value or the IP Precedence value is used
to match packets to ACLs.
Action — Indicates the ACL forwarding action. Possible field values
■
are:
Permit — Forwards packets which meet the ACL criteria.
■
Deny — Drops packets which meet the ACL criteria.
■