10.2.5 Extend-IP ACL
Extend-IP ACLs analyze and process data packets based on a series of match conditions, which
can be the source IP addresses, destination IP addresses, IP protocol and other information of this
sort carried in the packets.
Choose the menu ACL→ACL Config→Extend-IP ACL to load the following page.
Figure 10-8 Create Extend-IP Rule
The following entries are displayed on this screen:
Create Extend-IP ACL
ACL ID: Select the desired Extend-IP ACL for configuration.
Rule ID: Enter the rule ID.
Operation: Select the operation for the switch to process packets which match the
rules.
Permit: Forward packets.
Deny: Discard Packets.
S-IP: Enter the source IP address contained in the rule.
D-IP: Enter the destination IP address contained in the rule.
Mask: Enter IP address mask. If it is set to 1, it must strictly match the
address.
IP Protocol: Select IP protocol contained in the rule.
TCP Flag:
Configure TCP flag when TCP is selected from the pull-down list of IP
Protocol.
S-Port: Configure TCP/IP source port contained in the rule when TCP/UDP is
selected from the pull-down list of IP Protocol.
130