2 managing differentiated services – Fortinet 548B User Manual

- 907 -

Non-Configurable Data

Summary Display Selector - Select interface or VLAN to display summary. By default summary of
Interface-based ACL(s) is displayed.

Slot/Port(s) - The interfaces to which the IP ACL applies.

VLAN(s) - VLAN(s) to which the IP ACL applies.

Direction - The direction of packet traffic affected by the IP ACL.

Direction can only be one of the following:



Inbound

ACL Type - Displays the type of ACL assigned to selected VLAN and direction.

ACL Identifier - Displays the ACL Number(in case of IP ACL) or ACL Name(in case of IPv6 ACL
and MAC ACL) identifying the ACL assigned to selected VLAN and direction.

Sequence Number - Displays the Sequence Number signifying the order of specified ACL relative
to other ACLs assigned to selected VLAN and direction.

Command Buttons

Refresh - Refresh the data on the screen to the latest state.

11.7.2

Managing Differentiated Services

11.7.2.1 Defining DiffServ Configuration Page

Operation

Packets are filtered and processed based on defined criteria. The filtering criteria is defined by a class.
The processing is defined by a policy's attributes. Policy attributes may be defined on a per-class
instance basis, and it is these attributes that are applied when a match occurs.

The configuration process begins with defining one or more match criteria for a class. Then one or more
classes are added to a policy. Policies are then added to interfaces.

Packet processing begins by testing the match criteria for a packet. The 'all' class type option defines
that each match criteria within a class must evaluate to true for a packet to match that class. The 'any'
class type option defines that at least one match criteria must evaluate to true for a packet to match that
class. Classes are tested in the order in which they were added to the policy. A policy is applied to a
packet when a class match within that policy is found.