215
GS748T Smart Switch
To configure rules for an IP ACL:
1. T
o add an IP ACL rule, select the ACL ID to add the rule to, select the check box in the
Extended ACL Rule table, and click Add. The page displays the extended ACL Rule
Configuration fields.
2. Configure the new rule.
• Rule
ID. Specify a number from 1–10 to identify the IP ACL rule. You can create up to
10 rules for each ACL.
• Action. Sele
cts the ACL forwarding action, which is one of the following:
• Permit.
Forwards packets which meet the ACL criteria.
• Den
y. Drops packets which meet the ACL criteria.
• Egres
s Queue. Specifies the hardware egress queue identifier used to handle all
packets matching this ACL rule. Enter an identifying number from 0–7 in the
appropriate field.
• Match Ev
ery. Requires a packet to match the criteria of this ACL. Select True or
False from the drop down menu. Match Every is exclusive to the other filtering rules,
so if Match Every is True, the other rules on the screen are not available.
• Protoc
ol Type. Requires a packet’s protocol to match the protocol listed here. Select
a type from the drop down menu or enter the protocol number in the available field.
• Src IP Addres
s. Requires a packet’s source IP address to match the address listed
here. Type an IP Address in the appropriate field using dotted-decimal notation. The
address you enter is compared to a packet's source IP Address.
• Src IP Mask.
Specifies the source IP address wildcard mask. Wild card masks
determines which bits are used and which bits are ignored. A wild card mask of
255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that
all of the bits are important. Wildcard masking for ACLs operates differently from a
subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For
example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, you type
0.0.0.255 in the Source IP Mask field. This field is required when you configure a
source IP address.
To Next Page
Loading...
