GS716Tv2 and GS724Tv3 Software Administration Manual
Managing Device Security 5-47
v1.0, July 2009
IP ACL
IP ACLs allow network managers to define classification actions and rules for specific ingress
ports. Packets can be filtered on ingress (inbound) ports only. If the filter rules match, then some
actions can be taken, including dropping the packet or disabling the port. For example, a network
administrator defines an ACL rule that says port number 20 can receive TCP packets. However, if
a UDP packet is received the packet is dropped.
ACLs are composed of access control entries (ACE), or rules, that consist of the filters that
determine traffic classifications.
Use the IP ACL Configuration page to add or remove IP-based ACLs.
To display the IP ACL page:
1. Click Security ACL, then click the Advanced IP ACL link.
Table 5-29 shows the current size of the ACL table versus the maximum size of the ACL
table. The current size is equal to the number of configured IPv4 plus the number of
configured MAC ACLs. The maximum size is 100.
Figure 5-29
To Next Page
Loading...
