Linksys SFE2000P Switch User Manual


 
79
Chapter 4:
SFE2000/SFE2000P Gigabit Ethernet Switch Reference Guide
Chapter
4
L2IP — Matches the packet to Layer 2 Internet Protocol (L2IP).
ISIS — Indicates that the Intermediate System to Intermediate System (ISIS) protocol is
used to classify network flows.
Flag Set — Sets the indicated TCP flag that can be triggered.
ICMP Type — Filters packets by ICMP message type. The field values is 0-255.
ICMP Code — Indicates and ICMP message code for filtering ICMP packets. ICMP packets that
are filtered by ICMP message type can also be filtered by the ICMP message code.
IGMP Type — Filters packets by IGMP message or message types.
Source
IP Address — Matches the source port IP address to which packets are addressed to the ACE.
Mask — Defines the source IP address wildcard mask. Wildcard masks specify which bits are used
and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important.
A wildcard of 0.0.0.0 indicates that all the bits are important. For example, if the source IP address
149.36.184.198 and the wildcard mask is 255.36.184.00, the first eight bits of the IP address are
ignored, while the last eight bits are used.
Destination
IP Address — Matches the destination port IP address to which packets are addressed to the ACE.
Mask — Defines the destination IP address wildcard mask. Select either Match DSCP or Match IP
DCSP — Matches the packets DSCP value.
IP Prec — Matches the packet IP Precedence value to the ACE. Either the DSCP value or the IP
Precedence value is used to match packets to ACLs. The possible field range is 0-7.
Action — Indicates the action assigned to the packet matching the ACL. Packets are forwarded or
dropped. In addition, the port can be shut down, a trap can be sent to the network administrator, or
packet is assigned rate limiting restrictions for forwarding. The options are as follows:
Permit — Forwards packets which meet the ACL criteria.
Deny — Drops packets which meet the ACL criteria.
Shutdown — Drops packet that meets the ACL criteria, and disables the port to which the
packet was addressed. Ports are reactivated from the Port Management page.
Match IP Precedence — Matches the packet IP Precedence value to the ACE. Either the
DSCP value or the IP Precedence value is used to match packets to ACLs. The possible field
range is 0-7.
2. Click the Add Button. The Add IP Based ACL Page opens: