WESM zl Management and Configuration Guide WT.01.28 and greater

Access Control Lists (ACLs)
Overview
• protocol: By default, a rule matches all IP packets, but you can limit the rule to a specific protocol, including:
  • ICMP
  • TCP
  • UDP
• for ICMP packets, ICMP type and ICMP code
• for TCP and UDP packets, source and destination ports
In this way, you can control traffic according to the application. For example,
configure a rule to select Web traffic by specifying the TCP protocol and
destination port 80.
Extended MAC ACL rules can include these additional filters:
• the destination MAC address, either a single address or a range of addresses (specified by a mask)
• VLAN ID—a specific VLAN ID number
• 802.1p priority—the traffic service class used for quality of service (QoS)
• EtherType—the Layer 3 protocol encapsulated in the frame:
  • IPv4—Internet Protocol, version 4
  • ARP—Address Resolution Protocol
  • RARP—Reverse Address Resolution Protocol
  • AppleTalk
  • AARP—AppleTalk Address Resolution Protocol
  • 802.1q—VLANs
  • IPX—Internetwork Packet Exchange
  • IPv6—Internet Protocol, version 6
Operation
The module takes one of the following actions on packets selected by a rule:
• deny—the module drops the selected traffic
• permit—the module forwards the selected traffic
• mark—the module marks the selected traffic for a certain type of QoS and forwards the traffic
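The filters and actions described above, modelled as an added Python example (not code from this guide or from the module itself). The `Rule` class, its field names, the packet dictionaries and the mask convention (1-bits in the mask are the bits compared) are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

ETHERTYPES = {"ipv4": 0x0800, "arp": 0x0806, "ipx": 0x8137, "ipv6": 0x86DD}  # IEEE values
OUTCOME = {"deny": "drop", "permit": "forward", "mark": "mark+forward"}

def mac_to_int(mac: str) -> int:
    return int(mac.replace(":", ""), 16)

@dataclass
class Rule:
    action: str                       # "deny", "permit" or "mark"
    protocol: Optional[str] = None    # None = match all IP packets (default)
    src_port: Optional[int] = None    # TCP/UDP only
    dst_port: Optional[int] = None    # TCP/UDP only
    icmp_type: Optional[int] = None   # ICMP only
    icmp_code: Optional[int] = None   # ICMP only
    dst_mac: Optional[str] = None     # extended MAC ACL filters from here on
    dst_mac_mask: str = "ff:ff:ff:ff:ff:ff"  # assumption: 1-bits are compared
    vlan: Optional[int] = None
    ethertype: Optional[str] = None

    def __post_init__(self):
        if self.action not in OUTCOME:
            raise ValueError(f"unknown action {self.action!r}")
        ports = self.src_port is not None or self.dst_port is not None
        icmp = self.icmp_type is not None or self.icmp_code is not None
        if ports and self.protocol not in ("tcp", "udp"):
            raise ValueError("port filters require protocol tcp or udp")
        if icmp and self.protocol != "icmp":
            raise ValueError("ICMP type/code filters require protocol icmp")

    def selects(self, pkt: dict) -> bool:
        # A filter left at None is a wildcard; every filter that is set must match.
        for name in ("protocol", "src_port", "dst_port",
                     "icmp_type", "icmp_code", "vlan"):
            want = getattr(self, name)
            if want is not None and pkt.get(name) != want:
                return False
        if self.ethertype and pkt.get("ethertype") != ETHERTYPES[self.ethertype]:
            return False
        if self.dst_mac:
            diff = mac_to_int(pkt.get("dst_mac", "0")) ^ mac_to_int(self.dst_mac)
            return "dst_mac" in pkt and not diff & mac_to_int(self.dst_mac_mask)
        return True

def apply(rule: Rule, pkt: dict) -> Optional[str]:
    """Outcome for pkt, or None when the rule does not select it."""
    return OUTCOME[rule.action] if rule.selects(pkt) else None
```

A rule built as `Rule("deny", protocol="tcp", dst_port=80)` corresponds to the Web-traffic example in the text: it selects any TCP packet to destination port 80 regardless of source port, and leaves all other traffic unselected.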
Permit and Deny. These operations allow you to control users’ network access.