General Security Measures
3-133
3
Configuring an ARP ACL
Use this page to configure ACLs based on ARP message addresses. ARP
Inspection can then use these ACLs to filter suspicious traffic (see Configuring ARP
Inspection on page 3-136).
Command Attributes
•
Action
– An ACL can contain any combination of permit or deny rules.
•
Packet Type
– Indicates an ARP request, ARP response, or either type.
(Range: Request, Response, All; Default: Request)
•
Sender/Target IP Address Type
– Specifies the source or destination IPv4
address. Use “Any” to include all possible addresses, “Host” to specify a specific
host address in the Address field, or “IP” to specify a range of addresses with the
Address and Mask fields. (Options: Any, Host, IP; Default: Any)
•
Sender/Target IP Address
– Source or destination IP address.
•
Sender/Target IP Address Mask
– Subnet mask for source or destination
address. (See the description for Subnet Mask on page 3-125.)
•
Sender/Target MAC Address Type
– Use “Any” to include all possible addresses,
“Host” to indicate a specific MAC address, or “MAC” to specify an address range
with the Address and Mask fields. (Options: Any, Host, MAC; Default: Any)
•
Sender/Target MAC Address
– Source or destination MAC address.
•
Sender/Target MAC Address Mask
– Hexadecimal mask for source or
destination MAC address.
•
Log
– Logs a packet when it matches the access control entry.
Command Usage
• An ACL can contain up to 32 rules.
• New rules are added to the end of the list.
Summary of Contents for 6152PL2 FICHE
Page 2: ......
Page 6: ...vi ...
Page 8: ...viii ...
Page 32: ...Tables xxxii ...
Page 38: ...Figures xxxviii ...
Page 56: ...Initial Configuration 2 10 2 ...
Page 378: ...Configuring the Switch 3 322 3 ...
Page 817: ......