3-2.3 Access Control List
This section describes how to configure Access Control List rules. An Access
Control List (ACL) is a sequential list of permit or deny conditions that apply to IP
addresses, MAC addresses, or other more specific criteria. This switch tests ingress
packets against the conditions in an ACL one by one. A packet is accepted as
soon as it matches a permit rule, or dropped as soon as it matches a deny rule. If no
rules match, the frame is accepted. Other actions can also be invoked when a
matching packet is found, including rate limiting, copying matching packets to
another port or to the system log, or shutting down a port.
This page shows the Access Control List (ACL), which is made up of the ACEs defined
on this switch. Each row describes one defined ACE. The maximum number of
ACEs is 256 on each switch. Click on the lowest plus sign to add a new ACE to the
list. The reserved ACEs, used for internal protocols, cannot be edited or deleted. Their
order in the sequence cannot be changed, and their priority is the highest.
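
The evaluation order described above, as an added example that is not part of the original manual or the switch's own code: a simplified Python model that applies first-match evaluation with the accept-on-no-match default, then audits a list for ACEs that can never be reached and for a missing final deny-any entry. The `Ace` class, its IPv4 source and destination port fields, and the sample list are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

MAX_ACES = 256  # per-switch limit stated on this page

@dataclass(frozen=True)
class Ace:  # hypothetical, simplified model of one ACE
    action: str                  # "permit" or "deny"
    src: str                     # source IPv4 network in CIDR form
    dport: Optional[int] = None  # destination port; None matches any

    def matches(self, src_ip: str, dport: int) -> bool:
        in_net = ipaddress.ip_address(src_ip) in ipaddress.ip_network(self.src)
        return in_net and self.dport in (None, dport)

    def covers(self, later: "Ace") -> bool:
        """True if every packet matching `later` also matches this ACE."""
        inside = ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(self.src))
        return inside and self.dport in (None, later.dport)

def evaluate(acl, src_ip, dport):
    """First match wins; with no match the frame is accepted (index None)."""
    for i, ace in enumerate(acl):
        if ace.matches(src_ip, dport):
            return ace.action, i
    return "permit", None

def audit(acl):
    """Report unreachable ACEs and a missing catch-all deny at the end."""
    findings = []
    if len(acl) > MAX_ACES:
        findings.append(f"{len(acl)} ACEs exceeds the limit of {MAX_ACES}")
    for j, later in enumerate(acl):
        for i in range(j):
            if acl[i].covers(later):
                findings.append(f"ACE {j} is shadowed by ACE {i}")
                break
    any_src = Ace("deny", "0.0.0.0/0")
    if not acl or acl[-1].action != "deny" or not acl[-1].covers(any_src):
        findings.append("no trailing deny-any ACE: unmatched frames are accepted")
    return findings

# Constructed sample list, not taken from a real switch configuration.
ACL = [
    Ace("permit", "10.0.10.0/24", 22),
    Ace("deny", "10.0.0.0/8", 22),
    Ace("permit", "10.0.20.5/32", 22),  # never reached: ACE 1 matches first
]
```

In this sample, a source outside 10.0.0.0/8 matches no ACE and is accepted, which is why a list intended as an allow-list needs an explicit deny-any entry as its last ACE.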
Web Interface
To configure the Access Control List in the web interface:
1. Click Configuration, ACL, and then Access Control List.
2. Click the button to add a new ACL, or use the other ACL modification
   buttons to specify the editing action (e.g. edit, delete, or move the
   relative position of an entry in the list).
3. Specify the parameters of the ACE.
4. Click “Save” to save the setting.
5. If you want to cancel the setting, click the reset button to revert to the
   previously saved values.
6. When editing an entry on the ACE Configuration page, note that the items
   displayed depend on various selections, such as frame type and IP
   protocol type. Specify the relevant criteria to be matched for this rule,
   and set the actions to take when a rule is matched (such as rate limiter, port
   copy, logging, or shutdown).
Figure 3-2.3: The ACL Rate Limiter Configuration