Configuring a mac acl, Mac acl – Microsens MS453490M Management Guide User Manual
Page 308
C
HAPTER
14
| Security Measures
Access Control Lists
– 308 –
C
ONFIGURING
A
MAC
ACL
Use the Security > ACL (Configure ACL - Add Rule - MAC) page to
configure a MAC ACL based on hardware addresses, packet format, and
Ethernet type.
CLI R
EFERENCES
◆
"permit, deny (MAC ACL)" on page 691
◆
"show ip access-list" on page 689
◆
P
ARAMETERS
These parameters are displayed:
◆
Type – Selects the type of ACLs to show in the Name list.
◆
Name – Shows the names of ACLs matching the selected type.
◆
Action – An ACL can contain any combination of permit or deny rules.
◆
Source/Destination Address Type – Use “Any” to include all
possible addresses, “Host” to indicate a specific MAC address, or “MAC”
to specify an address range with the Address and Bit Mask fields.
(Options: Any, Host, MAC; Default: Any)
◆
Source/Destination MAC Address – Source or destination MAC
address.
◆
Source/Destination Bit Mask – Hexadecimal mask for source or
destination MAC address.
◆
Packet Format – This attribute includes the following packet types:
■
Any – Any Ethernet packet type.
■
Untagged-eth2 – Untagged Ethernet II packets.
■
Untagged-802.3 – Untagged Ethernet 802.3 packets.
■
tagged-eth2 – Tagged Ethernet II packets.
■
Tagged-802.3 – Tagged Ethernet 802.3 packets.
◆
VID – VLAN ID. (Range: 1-4094)
◆
VID Bit Mask – VLAN bit mask. (Range: 0-4094)
◆
Ethernet Type – This option can only be used to filter Ethernet II
formatted packets. (Range: 600-ffff hex.)
A detailed listing of Ethernet protocol types can be found in RFC 1060.
A few of the more common types include 0800 (IP), 0806 (ARP), 8137
(IPX).
◆
Ethernet Type Bit Mask – Protocol bit mask. (Range: 600-ffff hex.)
◆
Time Range – Name of a time range.