User manual
C
HAPTER
4
| Configuring the Switch
Configuring Security
– 105 –
■
DIP Filter - Specifies the destination IP filter for this rule.
(Options: Any - no destination IP filter is specified, Host - specifies
the destination IP address in the DIP Address field, Network -
specifies the destination IP address and destination IP mask in the
DIP Address and DIP Mask fields; Default: Any)
Response to take when a rule is matched
◆ Action - Permits or denies a frame based on whether it matches an
ACL rule. (Default: Permit)
◆ Rate Limiter - Specifies a rate limiter (page 98) to apply to the port.
(Range: 1-16; Default: Disabled)
◆ Port Redirect - Port to which frames matching the ACE are redirected.
(Default: Disabled)
◆ Mirror - Mirrors matching frames from this port. (Default: Disabled)
See "Configuring Local Port Mirroring" on page 207.
ACL-based port mirroring set by this parameter and port mirroring set
on the general Mirror Configuration page are implemented
independently. To use ACL-based mirroring, enable the Mirror
parameter on the ACE Configuration page. Then open the Mirror
Configuration page, set the “Port to mirror on” field to the required
destination port, and leave the “Mode” field Disabled.
◆ Logging - Enables logging of matching frames to the system log.
(Default: Disabled)
Open the System Log Information menu (page 221) to view any entries
stored in the system log for this entry. Related entries will be displayed
under the “Info” or “All” logging levels.
◆ Shutdown - Shuts down a port when a macthing frame is seen.
(Default: Disabled)
◆ Counter - Shows he number of frames which have matched any of the
rules defined for this ACL.
VLAN Parameters
◆ VLAN ID Filter - Specifies the VLAN to filter for this rule.
(Options: Any, Specific (1-4095); Default: Any)
◆ Tag Priority - Specifies the User Priority value found in the VLAN tag
(3 bits as defined by IEEE 802.1p) to match for this rule. (Options: Any,
Specific (0-7); Default: Any)