Defining Access Control Lists 85
Add Rules to ACL
■ Source MAC Address — Matches the source MAC address to which
packets are addressed.
■ Source Mask — Defines the source MAC Address wildcard mask.
Wildcards are used to mask all or part of a source MAC address.
Wildcard masks specify which bits are used and which are ignored.
A
wildcard mask of FF:FF:FF:FF:FF:FF indicates that all the bits are
important. A wildcard of 00.00.00.00.00.00.00 indicates that no bits
are important. For example, if the source MAC address is
00:AB:22:11:33:00 and the wildcard mask is FF:FF:FF:FF:FF:00, the first
five bytes of the MAC are used, while the last byte is ignored. For the
source MAC address 00:AB:22:11:33:00, this wildcard mask matches
all MAC addresses in the range 00:AB:22:11:33:00 to
00:AB:22:11:33:FF.
■ Destination MAC Address — Matches the destination MAC address
to which packets are addressed.
■ Destination Mask — Defines the destination MAC Address wildcard
mask. Wildcards are used to mask all or part of a destination MAC
address. Wildcard masks specify which bits are used and which are
ignored. For more details, refer to the description for Source Mask.
■ VLAN ID — Matches the packet's VLAN ID. The possible field values
are 0 to 4095.
■ CoS — Classifies traffic based on the CoS tag value. The possible field
values are 0 to 7.
■ CoS Mask — Defines the CoS mask used to classify network traffic.
The possible field values are 0 to 7.
■ Ethertype — Provides an identifier that differentiates between
various types of protocols. The range is 0-65535 decimal.
■ Action — Specifies the ACL forwarding action. The options are as
follows:
■ Permit — Forwards packets which meet the ACL criteria.
■ Deny — Drops packets which meet the ACL criteria.
To create a new MAC-based ACL:
1 Select Create ACL.
2 Enter the name of the new ACL.
3 Click . The new ACL is created, and the device is updated.
To Next Page
Loading...
