3Com 3CBLSG24 User Guide - Page 71

Defining Access Control Lists 71 The IP Based ACL Modify Page contains the following fields: ■ Selection ACL - Selects the ACL to be modified. Modify Rule ■ Priority - Defines the ACL priority. ACLs are checked on the first fit basis. The ACL priority defines the ACL order in the ACL list. ■ Protocol - Indicates the protocol in the ACE to which the packet is matched. ■ Select from List - Selects a protocol from a list on which ACE can be based. ■ Protocol ID - Adds user-defined protocols by which packets are matched to the ACE. Each protocol has a specific protocol number which is unique. The possible field range is 0-255. ■ Source Port - Enables creating an ACL based on a specific protocol. ■ Any - Enables creating an ACL based on any protocol. ■ Destination Port - Indicates the destination port that is matched packets. Enabled only when TCP or UDP are selected in the Protocol list. ■ Any - Enables creating an ACL Based on any protocol. ■ TCP Flags - If checked, enables configuration of TCP flags matched to the packet. The possible fields are: ■ Urg - Urgent pointer field significant. The urgent pointer points to the sequence number of the octet following the urgent data. ■ Ack - Acknowledgement field significant. The acknowledgement field is the byte number of the next byte that the sender expects to receive from the receiver. ■ Psh - Push (send) the data as soon as possible, without buffering. This is used for interactive traffic. ■ Rst - Reset the connection. This invalidates the sequence numbers and aborts the session between the sender and receiver. ■ Syn - Synchronize Initial Sequence Numbers (ISNs). This is used to initialize a new connection. ■ Fin - Finish. This indicates there is no more data from the sender. This marks a normal closing of the session between the sender and receiver.