Filter
Top Products
224
XS712T Smart Switch
5. Select or specify values for one or more of the following match criteria:
• Action. Select the ACL forwarding action, which is one of the following:
- Permit. Forwards packets which meet the ACL criteria.
- Deny. Drops packets which meet the ACL criteria.
• Egress Queue. Specifies the hardware egress queue identifier used to handle all
packets matching this ACL rule. Enter an identifying number from 0–7 in the
appropriate field.
• Match Every. Requires a packet to match the criteria of this ACL. Select True or
False from the drop-down menu. Match Every is exclusive to the other filtering rules,
so if Match Every is True, the other rules on the screen are not available.
• Protocol Type. Requires a packet’s protocol to match the protocol listed here. Select
a type from the drop-down menu or enter the protocol number in the available field.
• Src IP Address. Requires a packet’s source IP address to match the address listed
here. Type an IP Address in the appropriate field using dotted-decimal notation. The
address you enter is compared to a packet's source IP Address.
• Src IP Mask. Specifies the source IP address wildcard mask. Wild card masks
determines which bits are used and which bits are ignored. A wild card mask of
255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that
all of the bits are important. Wildcard masking for ACLs operates differently from a
subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For
example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, you type
0.0.0.255 in the Source IP Mask field. This field is required when you configure a
source IP address.
• Src L4 Port. Requires a packet’s TCP/UDP source port to match the port listed here.
Click Complete one of the following fields:
- Source L4 Keyword. Select the desired L4 keyword from a list of source ports on
which the rule can be based.
- Source L4 Port Number. If the source L4 keyword is Other, enter a user-defined
Port ID by which packets are matched to the rule.
• Dst IP Address. Requires a packet’s destination port IP address to match the
address listed here. Enter an IP Address in the appropriate field using dotted-decimal
notation. The address you enter is compared to a packet's destination IP Address.
• Dst IP Mask. Specifies the destination IP address wildcard mask. Wild card masks
determines which bits are used and which bits are ignored. A wild card mask of
255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that
all of the bits are important. Wildcard masking for ACLs operates differently from a
subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For
example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, you type
0.0.0.255 in the Source IP Mask field. This field is required when you configure a
source IP address.
• Dst L4 Port. Requires a packet’s TCP/UDP destination port to match the port listed
here. Complete one of the following fields: