Adding an IP Based Rule
The Add IP Based Rule Page contains the following fields:
•
ACL Name — Displays the user-defined IP based ACLs.
•
New Rule Priority — Indicates the rule priority, which determines which rule is matched to a
packet on a first-match basis.
•
Protocol — Creates an ACE based on a specific protocol. For a list of available protocols,
see the Protocol field description in the IP Based ACL Page above.
•
Source Port — Defines the TCP/UDP source port to which the ACE is matched. This field is
active only if 800/6-TCP or 800/17-UDP are selected in the Select from List drop-down
menu. The possible field range is 0 - 65535.
•
Destination Port — Defines the TCP/UDP destination port. This field is active only if 800/6-
TCP or 800/17-UDP are selected in the Select from List drop-down menu. The possible field
range is 0 - 65535.
•
TCP Flags — Filters packets by TCP flag. Filtered packets are either forwarded or dropped.
Filtering packets by TCP flags increases packet control, which increases network security.
The possible field values are:
•
ICMP — Indicates if ICMP packets are permitted on the network.
Chapter 5: Configuring Device Security
Defining Access Control
SFE1000P Gigabit Ethernet Switch Reference Guide
Add IP Based Rule Page
Chapter
5
63