User Guide
602
Configuring ACL
ACL Configuration
Follow these steps to configure the IPv6 ACL rule:
1) In the
IPv6 ACL Rule
section, configure the following parameters:
Rule ID
Enter an ID number to identify the rule.
It should not be the same as any current rule ID in the same ACL. If you
select Auto Assign, the rule ID will be assigned automatically and the interval
between rule IDs is 5.
Operation
Select an action to be taken when a packet matches the rule.
Permit
: To forward the matched packets.
Deny
: To discard the matched packets.
IPv6 Class
Specify an IPv6 class value to be matched. The switch will check the class
field of the IPv6 header.
Flow Label
Specify a Flow Label value to be matched.
IPv6 Source IP
Enter the source IPv6 address to be matched. All types of IPv6 address will
be checked. You may enter a complete 128-bit IPv6 address but only the
first 64 bits will be valid.
Mask
The mask is required if the source IPv6 address is entered. Enter the mask in
complete format (for example, FFFF:FFFF:0000:FFFF).
The IP address mask specifies which bits in the source IPv6 address to
match the rule. A value of 1 in the mask indicates that the corresponding bit
in the address will be matched.
IPv6 Destination IP
Enter the destination IPv6 address to be matched. All types of IPv6 address
will be checked. You may enter a complete 128-bit IPv6 address but only the
first 64 bits will be valid.
Mask
The mask is required if the destination IPv6 address is entered. Enter the
complete mask (for example, FFFF:FFFF:0000:FFFF).
The IP address mask specifies which bits in the source IP address to match
the rule. A value of 1 in the mask indicates that the corresponding bit in the
address will be matched.
IP Protocol
Select a protocol type from the drop-down list.
No Limit:
Packets of all protocols will be matched.
UDP:
Specify the source port and destination port for the UDP packet to be
matched.
TCP
: Specify the source port and destination port for the TCP packet to be
matched.
User-defined
: You can customize an IP protocol.
S-Port / D-Port
If TCP/UDP is selected as the IP protocol, specify the source and destination
port numbers.
Time Range
Select a time range during which the rule will take effect. The default
value is No Limit, which means the rule is always in effect. The Time Range
referenced here can be created on the
SYSTEM > Time Range
page.
Downloaded from