Manage Device Security
271
S350 Series 8-Port Gigabit Ethernet Smart Managed Pro Switch Models GS308T and GS310TP
- If you select the Range radio button, the IP ACL rule matches only if the Layer 4
destination port number is within the specified port range. The starting port,
ending port, and all ports in between are a part of the Layer 4 port range.
The Start Port and End Port fields identify the first and last ports that are part of
the port range. They values can range from 0 to 65535.
You can either select the enter the port range yourself or select one of the
following protocols from the menu:
• The destination IP TCP port range names are domain, echo, ftp, ftpdata,
www-http, smtp, telnet, pop2, pop3, and bgp.
• The destination IP UDP port range names are domain, echo, snmp, ntp, rip,
time, who, and tftp.
Each of these values translates into its equivalent port number, which is used as
both the start and end of the port range.
Select Other from the menu to enter a port number. If you select Other from the
menu but leave the field blank, it means any.
The wildcard mask determines which bits are used and which bits are ignored. A
wildcard mask of 0.0.0.0 indicates that none of the bits are important. A wildcard
of 255.255.255.255 indicates that all of the bits are important.
• IGMP Type. If your selection from the Protocol Type menu is IGMP and you specify
the IGMP type, the IP ACL rule matches the specified IGMP message type. The
range is from 0 to 255. If this field is left empty, it means any.
• ICMP. If your selection from the Protocol Type menu is ICMP, you can select either
the Type or Message radio button:
- If you select the Type radio button, note the following:
• The Type and Code fields are enabled only if the protocol is ICMP. Use these
fields to specify a match condition for ICMP packets:
• If you specify information in the Type field, the IP ACL rule matches the
specified ICMP message type. The type number can be from 0
to 255.
• If you specify information in the Code field, the IP ACL rule matches the
specified ICMP message code. The code can be from 0 to 255.
• If these fields are left empty, it means any.
- If you select the Message radio button, from the menu, select the type of the
ICMP message to match with the selected IP ACL rule. Specifying a type of
message implies that both the ICMP type and ICMP code are specified. The
ICMP message is decoded into the corresponding ICMP type and ICMP code
within the ICMP type.
The IPv4 ICMP message types are echo, echo-reply, host-redirect,
mobile-redirect, net-redirect, net-unreachable, redirect, packet-too-big,
port-unreachable, source-quench, router-solicitation, router-advertisement,
ttl-exceeded, time-exceeded, and unreachable.
To Next Page
Loading...
Need help?
General
