3Com 2924-PWR Switch User Manual


 
76 CHAPTER 4: MANAGING DEVICE SECURITY
wildcard mask matches all IP addresses in the range 149.36.184.0
to 149.36.184.255. A wildcard mask must not contain leading
zeroes. For example, a wildcard mask of 010.010.011.010 is
invalid, but a wildcard mask of 10.10.11.10 is valid.
Match DSCP — Matches the packet DSCP value to the ACL. Either
the DSCP value or the IP Precedence value is used to match packets to
ACLs.
Match IP Precedence — Matches the packet IP Precedence value to
the rule. Either the DSCP value or the IP Precedence value is used to
match packets to ACLs.
Action — Defines the ACL forwarding action. In addition, the port
can be shut down, a trap can be sent to the network administrator, or
packet is assigned rate limiting restrictions for forwarding. The options
are as follows:
Permit — Forwards packets which meet the ACL criteria.
Deny — Drops packets which meet the ACL criteria.
Shutdown — Drops packet that meets the ACL criteria, and
disables the port to which the packet was addressed. Ports are
reactivated from the
Port Administration Setup Page.
To create a new IP-based ACL:
1 Select Create ACL.
2 Enter the name of the new ACL.
3 Click . The new ACL is created, and the device is updated.
To define a new IP-based ACL rule:
1 Select Selection ACL.
2 Select the ACL from the list.
3 Define the fields for the new ACL rule.
4 Click . The new IP-based ACL rule settings are configured,
and the device is updated.