A
CCESS
C
ONTROL
L
ISTS
7-2
The order in which active ACLs are checked is as follows:
1.User-defined rules in IP and MAC ACLs for ingress ports are checked in
parallel.
2. Rules within an ACL are checked in the configured order, from top to
bottom.
3. If the result of checking an IP ACL is to permit a packet, but the result
of a MAC ACL on the same packet is to deny it, the packet will be
denied (because the decision to deny a packet has a higher priority for
security reasons). A packet will also be denied if the IP ACL denies it
and the MAC ACL accepts it.
Setting the ACL Name and Type
Use the ACL Configuration page to designate the name and type of an
ACL.
Command Attributes
•
Name
– Name of the ACL. (Maximum length: 16 characters)
•
Type
– There are three filtering modes:
-
IP Standard
: IPv4 ACL mode that filters packets based on the source
IPv4 address.
-
IP Extended
: IPv4 ACL mode that filters packets based on source or
destination IPv4 address, as well as protocol type and protocol port
number. If the “TCP” protocol is specified, then you can also filter
packets based on the TCP control code.
-
IPv6 Standard
: IPv6 ACL mode that filters packets based on the
source IPv6 address.
-
IPv6 Extended
: IPv6 ACL mode that filters packets based on the
destination IP address, as well as the type of the next header and the
flow label (i.e., a request for special handling by IPv6 routers).
-
MAC
: MAC ACL mode that filters packets based on the source or
destination MAC address and the Ethernet frame type (RFC 1060).
Содержание WPCI-G - annexe 1
Страница 2: ......
Страница 26: ...TABLE OF CONTENTS xxvi ...
Страница 36: ...GETTING STARTED ...
Страница 72: ...MANAGING SYSTEM FILES 2 24 ...
Страница 74: ...SWITCH MANAGEMENT ...
Страница 90: ...CONFIGURING THE SWITCH 3 16 ...
Страница 245: ...SHOWING PORT STATISTICS 8 33 Figure 8 12 Port Statistics ...
Страница 252: ...ADDRESS TABLE SETTINGS 9 6 ...
Страница 318: ...CLASS OF SERVICE 12 16 ...
Страница 330: ...QUALITY OF SERVICE 13 12 ...
Страница 348: ...DOMAIN NAME SERVICE 15 8 ...
Страница 404: ...IP ROUTING 17 44 ...
Страница 406: ...COMMAND LINE INTERFACE ...
Страница 482: ...SYSTEM MANAGEMENT COMMANDS 20 54 Example Console show calendar 15 12 34 February 1 2002 Console ...
Страница 608: ...MIRROR PORT COMMANDS 26 4 ...
Страница 644: ...SPANNING TREE COMMANDS 29 28 ...
Страница 668: ...VLAN COMMANDS 30 24 ...
Страница 686: ...CLASS OF SERVICE COMMANDS 31 18 ...
Страница 700: ...QUALITY OF SERVICE COMMANDS 32 14 ...
Страница 792: ...IP INTERFACE COMMANDS 36 50 ...
Страница 818: ...APPENDICES ...
Страница 824: ...SOFTWARE SPECIFICATIONS A 6 ...
Страница 828: ...TROUBLESHOOTING B 4 ...
Страница 844: ...INDEX Index 6 ...
Страница 845: ......