Ruijie RG-S2900G-E Series

To Next Page

To Previous Page

Configuration Guide Access Control List Configuration

In the figure above, the meaning of each letter and the value of offset are shown below:

Letter

Meaning

Offset

Letter

Meaning

Offset

Destination MAC

TTL field

Source MAC

Protocol ID

VLAN tag field

IP checksum

Data frame length field

Source IP address

DSAP field

Destination IP address

SSAP field

TCP source port

Ctrl field

TCP destination port

Org Code field

Sequential number

Encapsulated data type

Confirmation field

IP version No.

IP header length and

reservation bits

TOS field

Reservation bit and flags bit

IP packet length

Windows size field

Others

Flags field

As shown in the above table, the offset of each field is it offset in the SNAP+tag 802.3 data frame. In

the user custom access control list, the user can use two parameters, the rule mask and offset, to

abstract any byte from the first 80 bytes of the data frame, and then compare it with the user defined

rule to filter the matched data frame for corresponding processing. The user defined rule can be some

fixed attributes of the data. For example, the user wants to filter all the TCP messages by defining the

rule as “06”, rule mask as “FF” and offset as 35. Here, the rule mask and offset work together to

abstract the contents of the TCP protocol ID field in the received data frame, and compare it with the

rule to filter all TCP messages.

Main Page

Ruijie RG-S2900G-E Series - Page 774

Table of Contents

Related product manuals