3Com 3CBLSG24 User Guide - Page 60
Priority, Source MAC Address, Source Mask, Destination MAC Address, Destination Mask, VLAN ID
View all 3Com 3CBLSG24 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 60 highlights
60 CHAPTER 4: MANAGING DEVICE SECURITY Add Rules to ACL ■ Priority - Indicates the ACE priority, which determines which ACE is matched to a packet on a first-match basis. The possible field values are 1-2147483647. ■ Source MAC Address - Matches the source MAC address to which packets are addressed to the ACE. ■ Source Mask - Indicates the source MAC Address wildcard mask. Wildcards are used to mask all or part of a source MAC address. Wildcard masks specify which bits are used and which are ignored. A wildcard mask of FF:FF:FF:FF:FF:FF indicates that no bit is important. A wildcard of 00.00.00.00.00.00.00 indicates that all bits are important. For example, if the source MAC address is 00:AB:22:11:33:00 and the wildcard mask is 00:00:00:00:00:FF, the first five bytes of the MAC are used, while the last byte is ignored. For the source MAC address 00:AB:22:11:33:00, this wildcard mask matches all MAC addresses in the range 00:AB:22:11:33:00 to 00:AB:22:11:33:FF. ■ Destination MAC Address - Matches the destination MAC address to which packets are addressed to the ACE. ■ Destination Mask - Indicates the destination MAC Address wildcard mask. Wildcards are used to mask all or part of a destination MAC address. Wildcard masks specify which bits are used and which are ignored. A wildcard mask of FF:FF:FF:FF:FF:FF indicates that no bit is important. A wildcard mask of 00.00.00.00.00.00 indicates that all bits are important. For example, if the destination MAC address is 00:AB:22:11:33:00 and the wildcard mask is 00:00:00:00:00:FF, the first five bytes of the MAC are used, while the last byte is ignored. For the destination MAC address 00:AB:22:11:33:00, this wildcard mask matches all MAC addresses in the range 00:AB:22:11:33:00 to 00:AB:22:11:33:FF. ■ VLAN ID - Matches the packet's VLAN ID to the ACE. The possible field values are 1 to 4093. ■ CoS - Classifies traffic based on the CoS tag value. ■ CoS Mask - Defines the CoS mask used to classify network traffic. ■ Ethertype - Provides an identifier that differentiates between various types of protocols. ■ Action - Indicates the ACL forwarding action. In addition, the port can be shut down, a trap can be sent to the network administrator, or