The following functions are added in V05.02.00 of the Switch 4500G series:
Applying an ACL for packet filtering and outputting packet filtering logs. For details, refer to
Application for Packet
The established keyword that is used to specify the TCP flags ACK and RST in advanced
IPv4/IPv6 ACL rules. For details, refer to
In order to filter traffic, network devices use sets of rules, called access control lists (ACLs), to identify
and handle packets.
When configuring ACLs, go to these chapters for information you are interested in:
IPv4 ACL Configuration
IPv6 ACL Configuration
Unless otherwise stated, ACLs refer to both IPv4 ACLs and IPv6 ACLs throughout this document.
Introduction to ACL
As network scale and network traffic are increasingly growing, network security and bandwidth
allocation become more and more critical to network management. Packet filtering can be used to
efficiently prevent illegal users from accessing networks and to control network traffic and save network
resources. Access control lists (ACL) are often used to filter packets with configured matching rules.
ACLs are sets of rules (or sets of permit or deny statements) that decide what packets can pass and
what should be rejected based on matching criteria such as source MAC address, destination MAC
address, source IP address, destination IP address, and port number.
Application of ACLs on the Switch
The switch supports two ACL application modes:
Configuring an Advanced IPv4 ACL