Type – The following filter modes are supported:
◆
IP Standard: IPv4 ACL mode filters packets based on the source
■
IPv4 address.
IP Extended: IPv4 ACL mode filters packets based on the source
■
or destination IPv4 address, as well as the protocol type and
protocol port number. If the "TCP" protocol is specified, then you
can also filter packets based on the TCP control code.
IPv6 Standard: IPv6 ACL mode filters packets based on the source
■
IPv6 address.
IPv6 Extended: IPv6 ACL mode filters packets based on the
■
source or destination IP address, as well as the type of the next
header and the flow label (i.e., a request for special handling by
IPv6 routers).
MAC – MAC ACL mode filters packets based on the source or
■
destination MAC address and the Ethernet frame type (RFC 1060).
ARP – ARP ACL specifies static IP-to-MAC address bindings used for
■
ARP inspection (see
W
I
EB
NTERFACE
To configure the name and type of an ACL:
Click Security, ACL.
1.
Select Configure ACL from the Step list.
2.
Select Add from the Action list.
3.
Fill in the ACL Name field, and select the ACL type.
4.
Click Apply.
5.
Figure 154: Creating an ACL
To show a list of ACLs:
Click Security, ACL.
1.
Select Configure ACL from the Step list.
2.
– 287 –
C
HAPTER
"ARP Inspection" on page
| Security Measures
13
Access Control Lists
301).