Filter
Top Products
240
decide whether to permit or deny access.
9.1.3 Access list Action and Global Default Action
There are two access list action and default action: “permit” or “deny”.
The following rules apply:
z An access list can consist of several rules. Filtering of packets is to compare packet
conditions to the rules, from the first rule to the first matched rule; the rest of the rules
will not be processed.
z Global default action applies only to IP packets in the incoming direction on the ports.
For non-IP incoming packets and all outgoing packets, the default forward action is
“permit”.
z Global default action applies only when packet flirter is enabled on a port, and no ACL
is bound to that port, or no binding ACL matches.
z When an access list is bound to the outgoing direction of a port, the action in the rule
can only be “deny”.
9.2 ACL configuration
9.2.1 ACL Configuration Task Sequence
1. Configuring access list
(1) Configuring a numbered standard IP access list
(2) Configuring an numbered extended IP access list
(3) Configuring a standard IP access list basing on nomenclature
a) Create an standard IP access list basing on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
(4) Configuring an extended IP access list basing on nomenclature.
a) Create an extensive IP access list basing on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
2. Configuring packet filtering function
(1) Enable global packet filtering function
(2) Configure default action.