Configuring an arp acl – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 952

Advertising
background image

896

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002651-02

42

Access Control Lists

Configuring an ARP ACL

Use the Security > ACL (Configure ACL - Add Rule - ARP) page to configure ACLs based on ARP
message addresses. ARP Inspection can then use these ACLs to filter suspicious traffic (see

“Configuring Global Settings for ARP Inspection”

on page 901).

CLI References

“permit, deny (ARP ACL)”

on page 250

“show ip access-list”

on page 239

“Time Range”

on page 101

Parameters
These parameters are displayed:

Type – Selects the type of ACLs to show in the Name list.

Name – Shows the names of ACLs matching the selected type.

Action – An ACL can contain any combination of permit or deny rules.

Packet Type – Indicates an ARP request, ARP response, or either type. (Range: IP, Request,
Response; Default: IP)

Source/Destination IP Address Type – Specifies the source or destination IPv4 address. Use
“Any” to include all possible addresses, “Host” to specify a specific host address in the Address
field, or “IP” to specify a range of addresses with the Address and Mask fields. (Options: Any,
Host, IP; Default: Any)

Source/Destination IP Address – Source or destination IP address.

Source/Destination IP Subnet Mask – Subnet mask for source or destination address. (See
the description for Subnet Mask under

“Configuring a Standard IPv4 ACL”

on page 887.)

Source/Destination MAC Address Type – Use “Any” to include all possible addresses, “Host” to
indicate a specific MAC address, or “MAC” to specify an address range with the Address and
Mask fields. (Options: Any, Host, MAC; Default: Any)

Source/Destination MAC Address – Source or destination MAC address.

Source/Destination MAC Bit Mask – Hexadecimal mask for source or destination MAC
address.

Log – Logs a packet when it matches the access control entry.

Interface
To add rules to an ARP ACL:

1. Click Security, ACL.

2. Select Configure ACL from the Step list.

3. Select Add Rule from the Action list.

4. Select ARP from the Type list.

5. Select the name of an ACL from the Name list.

6. Specify the action (i.e., Permit or Deny).

7. Select the packet type (Request, Response, All).

8. Select the address type (Any, Host, or IP).

Advertising
Popular Brands
Popular manuals