2 acl troubleshooting help, 5 web management – Accton Technology ES4710BD User Manual


ES4710BD 10 Slots L2/L3/L4 Chassis Switch

Command mode: Admin Mode

Usage Guide:

Example:

Switch#show firewall
Firewall Status: Enable.
Firewall Default Rule: Permit.

Displayed information             Explanation
Firewall Status: Enable.          Enables packet filtering function
Firewall Default Rule: Permit.    The default action for packet filtering is “permit”

12.4.2 ACL Troubleshooting Help

- Checking for entries in the ACL is done in a top-down order and ends whenever an entry is matched.

- The default rule will be used only if no ACL is bound to the specific direction of the port, or no ACL entry is matched.

- Applies to IP packets incoming on all ports, and has no effect on other types of packets.

- One port can be bound to only one incoming ACL.

- The number of ACLs that can be successfully bound depends on the content of the ACL bound and the hardware resource limit. Users will be prompted if an ACL cannot be bound due to hardware resource limitations.

- If an access list contains the same filtering information but conflicting action rules, binding to the port will fail with an error message. For instance, configuring “permit tcp any-source any-destination” and “deny tcp any-source any-destination” at the same time is not permitted.

- Viruses such as “worm.blaster” can be blocked by configuring an ACL to block certain ICMP packets.
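
The matching rules listed above, modelled as an added Python example (not code from the manual or the switch firmware). The four-field entry format follows the manual's “permit tcp any-source any-destination”; the literal host addresses, the Port class and the packet dictionaries are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Entry:
    action: str  # "permit" or "deny"
    proto: str   # "tcp", "udp" or "icmp"
    src: str     # "any-source" or a literal address (model-only, not switch syntax)
    dst: str     # "any-destination" or a literal address (model-only)

    def matches(self, pkt):
        return (self.proto == pkt["proto"]
                and self.src in ("any-source", pkt["src"])
                and self.dst in ("any-destination", pkt["dst"]))

def parse(line):
    action, proto, src, dst = line.split()
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action}")
    return Entry(action, proto, src, dst)

class Port:
    def __init__(self, default_rule="permit"):
        self.default_rule = default_rule  # the "Firewall Default Rule"
        self.acl = None                   # at most one incoming ACL per port

    def bind(self, lines):
        if self.acl is not None:
            raise ValueError("port already has an incoming ACL")
        entries, seen = [parse(ln) for ln in lines], {}
        for e in entries:
            k = (e.proto, e.src, e.dst)  # the filtering information, minus the action
            if seen.setdefault(k, e.action) != e.action:
                raise ValueError("conflicting actions: " + " ".join(k))
        self.acl = entries

    def decide(self, pkt):
        for n, e in enumerate(self.acl or [], start=1):  # top-down, stop at first match
            if e.matches(pkt):
                return e.action, f"entry {n}"
        return self.default_rule, "default rule"  # no ACL bound, or no entry matched

if __name__ == "__main__":
    port = Port()
    port.bind(["deny icmp any-source any-destination",
               "permit tcp any-source any-destination",
               "deny tcp any-source 10.0.0.5"])  # constructed entry; never reached
    for proto in ("icmp", "tcp", "udp"):
        print(proto, port.decide({"proto": proto, "src": "10.0.0.9", "dst": "10.0.0.5"}))
```

With the default rule at Permit, the UDP packet is permitted because no entry matched it, and the third entry never takes effect because entry 2 already matches all TCP traffic.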

12.5 WEB MANAGEMENT

Clicking the ACL configuration icon opens the ACL sub-sections, which include the following parts:

- Numeric ACL Configuration – Standard and Extended types

- ACL Name Configuration – Standard and Extended types

- Filter Configuration – enable global configuration and the default action to bind ACL to the ports