Table of Contents
Advertisement
Chapter 5
Drops packets which meet the ACL criteria.
Deny
Drops packet that meets the ACL
Shutdown
criteria, and disables the port to which the packet
was addressed. Ports are reactivated from the Port
Management screen.
Creates an ACE (Access Control Event) based on
Protocol
a specific protocol.
Selects from a protocols list on which
Select from List
ACE can be based. The possible field values are:
Matches the protocol to any protocol.
Any
Indicates that the Enhanced Interior Gateway
EIGRP
Routing Protocol (EIGRP) is used to classify network
flows.
Indicates that the Internet Control Message
ICMP
Protocol (ICMP) is used to classify network flows.
Indicates that the Internet Group Management
IGMP
Protocol (IGMP) is used to classify network flows.
Indicates that the Transmission Control Protocol
TCP
is used to classify network flows.
Matches the packet to the Open Shortest Path
OSPF
First (OSPF) protocol.
Indicates that the User Datagram Protocol is
UDP
used to classify network flows.
Adds user-defined protocols to
Protocol ID To Match
which packets are matched to the ACE. Each protocol has
a specific protocol number which is unique. The possible
field range is 0-255.
Filters packets by TCP flag. Filtered packets
TCP Flags
are either forwarded or dropped. Filtering packets by TCP
flags increases packet control, which increases network
security. The values that can be assigned are:
Enables filtering packets by selected flags.
Set
Disables filtering packets by selected flags.
Unset
Indicates that selected packets do not
Don't care
influence the packet filtering process.
The TCP Flags that can be selected are:
Indicates the packet is urgent.
Urg
Indicates the packet is acknowledged.
Ack
Indicates the packet is pushed.
Psh
Indicates the connection is dropped.
Rst
Indicates request to start a session.
Syn
Indicates request to close a session.
Fin
8-Port 10/100 Ethernet Switch with Webview
Advanced Configuration
Defines the TCP/UDP source port to which
Source Port
the ACE is matched. This field is active only if 800/6-TCP or
800/17-UDP are selected in the Select from List drop-down
menu. The possible field range is 0 - 65535.
Defines the TCP/UDP destination
Destination Port
port. This field is active only if 800/6-TCP or 800/17-UDP
are selected in the Select from List drop-down menu. The
possible field range is 0 - 65535.
Matches the source port IP address to
Source IP Address
which packets are addressed to the ACE.
Defines the source IP address wildcard
Wildcard Mask
mask. Wildcard masks specify which bits are used and
which bits are ignored. A wild card mask of 255.255.255.255
indicates that no bit is important. A wildcard of 0.0.0.0
indicates that all the bits are important. For example, if the
source IP address 149.36.184.198 and the wildcard mask
is 255.36.184.00, the first eight bits of the IP address are
ignored, while the last eight bits are used.
Matches the destination port IP address
Dest. IP Address
to which packets are addressed to the ACE.
Defines the destination IP address
Wildcard Mask
wildcard mask.
Matches the packet DSCP value to the ACE.
Match DSCP
Either the DSCP value or the IP Precedence value is used to
match packets to ACLs. The possible field range is 0-63.
Matches the packet IP Precedence
Match IP Precedence
value to the ACE. Either the DSCP value or the IP Precedence
value is used to match packets to ACLs. The possible field
range is 0-7.
The Add to List button adds the configured IP Based ACLs
to the IP Based ACL Table at the bottom of the screen.
ACL > MAC based ACL
ACL > MAC based ACL
32
- Quick Links:
- Admin > Factory Defaults
Hide quick links:
Advertisement
Table of Contents
