3Com 3CBLSG48 User Guide - Page 78

CHAPTER 4: MANAGING DEVICE SECURITY 67 Add Rules to ACL Priority - Defines the ACL priority. ACLs are checked on the first fit basis. The ACL priority defines the ACL order in the ACL list. Protocol - Indicates the protocol in the ACE to which the packet is matched. The possible fields are: Select from List - Selects a protocol on which ACE can be based. Protocol ID - Select a protocol ID from a list on which ACE can be based. Source Port - Indicates the source port that is used for matched packets. Enabled only when TCP or UDP are selected in the Protocol list. The field value is either user defined or Any. If Any is selected the IP based ACL is applied to any source port. Destination Port - Indicates the destination port that is used for matched packets. Enabled only when TCP or UDP are selected in the Protocol list. The field value is either user defined or Any. If Any is selected, the IP based ACL is applied to any destination port. TCP Flags - If checked, enables configuration of TCP flags matched to the packet. The possible fields are: Urg - Urgent pointer field significant. The urgent pointer points to the sequence number of the octet following the urgent data. Ack - Acknowledgement field significant. The acknowledgement field is the byte number of the next byte that the sender expects to receive from the receiver. Psh - Push (send) the data as soon as possible, without buffering.This is used for interactive traffic. Rst - Reset the connection. This invalidates the sequence numbers and aborts the session between the sender and receiver. Syn - Synchronize Initial Sequence Numbers (ISNs). This is used to initialize a new connection. Fin - Finish. This indicates there is no more data from the sender. This marks a normal closing of the session between the sender and receiver.