Security
144
XS728T ProSAFE 28-Port 10-Gigabit L2+ Smart Switch
• Source IP Address. Requires a packet’s source IP address to match the address
listed here. Enter an IP address using dotted-decimal notation. The address you enter
is compared to a packet's source IP address.
• Source IP Mask. Specifies the source IP address wildcard mask. Wildcard masks
determine which bits are used and which bits are ignored. A wildcard mask of
255.255.255.255 indicates that no bit is important. A wildcard mask of 0.0.0.0
indicates that all of the bits are important. Wildcard masking for ACLs operates
differently from a subnet mask. A wildcard mask is in essence the inverse of a subnet
mask. For example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, enter
0.0.0.255 in the Source IP Mask field. This field is required when you configure a
source IP address.
• Source L4 Port. Requires a packet’s TCP/UDP source port to match the port listed
here. Complete one of the following fields:
• Source L4 Keyword: Select the desired L4 keyword from the list of source ports
on which the rule can be based.
• Source L4 Port Number: If the source L4 keyword is Other, enter a user-defined
Port ID by which packets are matched to the rule.
• Destination IP Address. Requires a packet’s destination port IP address to match
the address listed here. Enter an IP address using dotted-decimal notation. The
address you enter is compared to a packet's destination IP address.
• Destination IP Mask. Specifies the destination IP address wildcard mask. Wildcard
masks determine which bits are used and which bits are ignored. A wildcard mask of
255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that
all of the bits are important. Wildcard masking for ACLs operates differently from a
subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For
example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, you type
0.0.0.255 in the Source IP Mask field. This field is required when you configure a
source IP address.
• Destination L4 Port. Requires a packet’s TCP/UDP destination port to match the
port listed here. Complete one of the following fields:
• Destination L4 Keyword: Select the desired L4 keyword from the list of
destination ports on which the rule can be based.
• Destination L4 Port Number: If the destination L4 keyword is Other, enter a
user-defined port ID by which packets are matched to the rule.
• Service Type. Select one of the Service Type match conditions for the extended IP
ACL rule. The possible values are IP DSCP, IP precedence, and IP ToS, which are
alternative ways of specifying a match criterion for the same Service Type field in the
IP header; however, each uses a different user notation. After you select the service
type, specify the value associated with the type.
• IP DSCP: Specify the IP DiffServ Code Point (DSCP) value. The DSCP is defined
as the high-order 6 bits of the service type octet in the IP header. Select an IP
DSCP value from the list. To specify a numeric value in the available field, select
Other from the list and type an integer from 0 to 63 in the field.
4. Click Add.
To Next Page
Loading...
