•
ICMP Code — Indicates and ICMP message code for filtering ICMP packets. ICMP packets
that are filtered by ICMP message type can also be filtered by the ICMP message code.
•
IGMP — Filters packets by IGMP message or message types.
•
Source IP Address — Matches the source port IP address to which packets are addressed to
the ACE.
•
Best. IP Address — Matches the destination port IP address to which packets are addressed
to the ACE.
Match DSCP or Match IP.
•
Match DSCP — Matches the packet to the DSCP tag value.
•
Match IP Precedence — Matches the packet IP Precedence value to the ACE. Either the
DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field
range is 0-7.
•
Action — Indicates the action assigned to the packet matching the ACL. Packets are
forwarded or dropped. In addition, the port can be shut down, a trap can be sent to the
network administrator, or packet is assigned rate limiting restrictions for forwarding. The
options are as follows:
–
Permit — Forwards packets which meet the ACL criteria.
–
Deny — Drops packets which meet the ACL criteria.
–
Shutdown — Drops packet that meets the ACL criteria, and disables the port to which
the packet was addressed. Ports are reactivated from the Port Management page.
Chapter 5: Configuring Device Security
Defining Access Control
SFE1000P Gigabit Ethernet Switch Reference Guide
Chapter
5
64