4 acl ports configuration – Interlogix NS3550-8T-2S User Manual User Manual
Page 192
User’s Manual of NS3550-8T-2S
192
status is "don't-care").
Specific
: If you want to filter a specific TCP/UDP destination filter with this ACE,
you can enter a specific TCP/UDP destination value. A field for entering a
TCP/UDP destination value appears.
Range
: If you want to filter a specific range TCP/UDP destination filter with this
ACE, you can enter a specific TCP/UDP destination range value. A field for
entering a TCP/UDP destination value appears.
TCP/UDP Destination
Number
When "Specific" is selected for the TCP/UDP destination filter, you can enter a
specific TCP/UDP destination value. The allowed range is 0 to 65535. A frame
that hits this ACE matches this TCP/UDP destination value.
TCP/UDP Destination
Range
When "Range" is selected for the TCP/UDP destination filter, you can enter a
specific TCP/UDP destination range value. The allowed range is 0 to 65535. A
frame that hits this ACE matches this TCP/UDP destination value.
TCP FIN
Specify the TCP "No more data from sender" (FIN) value for this ACE.
0
: TCP frames where the FIN field is set must not be able to match this entry.
1
: TCP frames where the FIN field is set must be able to match this entry.
Any
: Any value is allowed ("don't-care").
TCP SYN
Specify the TCP "Synchronize sequence numbers" (SYN) value for this ACE.
0
: TCP frames where the SYN field is set must not be able to match this entry.
1
: TCP frames where the SYN field is set must be able to match this entry.
Any
: Any value is allowed ("don't-care").
TCP RST
Specify the TCP "Reset the connection" (RST) value for this ACE.
0
: TCP frames where the RST field is set must not be able to match this entry.
1
: TCP frames where the RST field is set must be able to match this entry.
Any
: Any value is allowed ("don't-care").
TCP PSH
Specify the TCP "Push Function" (PSH) value for this ACE.
0
: TCP frames where the PSH field is set must not be able to match this entry.
1
: TCP frames where the PSH field is set must be able to match this entry.
Any
: Any value is allowed ("don't-care").
TCP ACK
Specify the TCP "Acknowledgment field significant" (ACK) value for this ACE.
0
: TCP frames where the ACK field is set must not be able to match this entry.
1
: TCP frames where the ACK field is set must be able to match this entry.
Any
: Any value is allowed ("don't-care").
TCP URG
Specify the TCP "Urgent Pointer field significant" (URG) value for this ACE.
0
: TCP frames where the URG field is set must not be able to match this entry.
1
: TCP frames where the URG field is set must be able to match this entry.
Any
: Any value is allowed ("don't-care").
Ethernet Type Parameters
The Ethernet Type parameters can be configured when Frame Type "Ethernet Type" is selected.
Object
Description
EtherType Filter
Specify the Ethernet type filter for this ACE.
Any
: No EtherType filter is specified (EtherType filter status is "don't-care").
Specific
: If you want to filter a specific EtherType filter with this ACE, you can
enter a specific EtherType value. A field for entering a EtherType value appears.
Ethernet Type Value
When "Specific" is selected for the EtherType filter, you can enter a specific
EtherType value. The allowed range is 0x600 to 0xFFFF but excluding
0x800(IPv4), 0x806(ARP) and 0x86DD(IPv6). A frame that hits this ACE matches
this EtherType value.
Buttons
: Click to save changes.
: Click to undo any changes made locally and revert to previously saved values.
: Return to the previous page.
4.10.4 ACL Ports Configuration
Configure the ACL parameters (ACE) of each switch port. These parameters will affect frames received on a port unless the
frame matches a specific ACE.
The ACL Ports Configuration screen in
Figure 4-10-4
appears.