User manual
C
HAPTER
4
| Configuring the Switch
Configuring Security
– 101 –
ACE CONFIGURATION
Ingress Port and Frame Type
◆ Ingress Port - Any port, port identifier, or policy. (Options: Any port,
Port 1-10, Policy 1-8; Default: Any)
◆ Policy Filter - The policy number filter for this ACE:
■
Any - No policy filter is specified (i.e., don’t care).
■
Specific - If you want to filter a specific policy with this ACE,
choose this value. Two fields for entering an policy value and
bitmask appears.
◆ Frame Type - The type of frame to match. (Options: Any, Ethernet,
ARP, IPv4; Default: Any)
Filter Criteria Based on Selected Frame Type
◆ Ethernet:
MAC Parameters
■
SMAC Filter - The type of source MAC address. (Options: Any,
Specific - user defined; Default: Any)
■
DMAC Filter - The type of destination MAC address. (Options: Any,
MC - multicast, BC - broadcast, UC - unicast, Specific - user
defined; Default: Any)
Ethernet Type Parameters
■
EtherType Filter - This option can only be used to filter Ethernet II
formatted packets. (Options: Any, Specific (600-ffff hex);
Default: Any)
A detailed listing of Ethernet protocol types can be found in RFC
1060. A few of the more common types include 0800 (IP), 0806
(ARP), 8137 (IPX).
◆ ARP:
MAC Parameters
■
SMAC Filter - The type of source MAC address. (Options: Any,
Specific - user defined; Default: Any)
■
DMAC Filter - The type of destination MAC address. (Options: Any,
MC - multicast, BC - broadcast, UC - unicast; Default: Any)
ARP Parameters
■
ARP/RARP - Specifies the type of ARP packet. (Options: Any - no
ARP/RARP opcode flag is specified, ARP - frame must have ARP/