User Guide 792
Configuring ACL ACL Configuration
Rule ID Enter an ID number to identify the rule.
It should not be the same as any current rule ID in the same ACL. For the
convenience of inserting new rules to an ACL, you should set the appropriate
interval between rule IDs.
If you select Auto Assign, the rule ID will be assigned automatically by the
system and the default increment between neighboring rule IDs is 5.
Operation Select an action to be taken when a packet matches the rule.
Permit: To forward the matched packets.
Deny: To discard the matched packets.
S-MAC/Mask Enter the source MAC address with a mask. A value of 1 in the mask indicates
that the corresponding bit in the address will be matched.
D-MAC/Mask Enter the destination IP address with a mask. A value of 1 in the mask
indicates that the corresponding bit in the address will be matched.
VLAN ID Enter the ID number of the VLAN to which the ACL will apply.
EtherType Specify the EtherType to be matched using 4 hexadecimal numbers.
S-IP/Mask Enter the source IP address with a mask. A value of 1 in the mask indicates
that the corresponding bit in the address will be matched.
D-IP/Mask Enter the destination IP address with a mask. A value of 1 in the mask
indicates that the corresponding bit in the address will be matched.
IP Protocol Select a protocol type from the drop-down list. The default is No Limit, which
indicates that packets of all protocols will be matched. You can also select
User-defined to customize the IP protocol.
TCP Flag If TCP protocol is selected, you can configure the TCP Flag to be used for the
rule’s matching operations. There are six flags and each has three options,
which are *, 0 and 1. The default is *, which indicates that the flag is not used
for matching operations.
URG: Urgent flag.
ACK: Acknowledge flag.
PSH: Push flag.
RST: Reset flag.
SYN: Synchronize flag.
FIN: Finish flag.
S-Port / D-Port If TCP/UDP is selected as the IP protocol, specify the source and destination
port number with a mask.
Value: Specify the port number.
Mask: Specify the port mask with 4 hexadacimal numbers.
DSCP Specify a DSCP value to be matched between 0 and 63. The default is No
Limit.
To Next Page
Loading...
