Configuring acl masks, Specifying the mask type, Configuring acl masks -10 – SMC Networks TigerAccess SMC7816M User Manual

A

CCESS

C

ONTROL

L

ISTS

8-10

Configuring ACL Masks

You must specify masks that control the order in which ACL rules are
checked. ACL rules matching the first entry in the mask are checked first.
Rules matching subsequent entries in the mask are then checked in the
specified order.

The switch includes two system default masks that pass/filter packets
matching the permit/deny rules specified in an ingress ACL. You can also
configure up to seven user-defined masks for an ingress or egress ACL. A
mask must be bound exclusively to one of the basic ACL types (i.e., Ingress
IP ACL, Egress IP ACL, Ingress MAC ACL or Egress MAC ACL), but a
mask can be bound to up to four ACLs of the same type.

Command Usage

• Up to seven entries can be assigned to an ACL mask.
• Packets crossing a port are checked against all the rules in the ACL until

a match is found. The order in which these packets are checked is
determined by the mask, and not the order in which the ACL rules are
entered.

• First create the required ACLs and the ingress or egress masks before

mapping an ACL to an interface.

• You must configure a mask for an ACL rule before you can bind it to a

port or set the queue or frame priorities associated with the rule.

Specifying the Mask Type

Use the ACL Mask Configuration page to edit the mask for the Ingress IP
ACL, Egress IP ACL, Ingress MAC ACL or Egress MAC ACL.