Table 4-33 access control list commands -124 – SMC Networks SMC TigerStack III SMC6824MPE User Manual
Page 386
C
OMMAND
L
INE
I
NTERFACE
4-124
The order in which active ACLs are checked is as follows:
1. User-defined rules in the Egress MAC ACL for egress ports.
2. User-defined rules in the Egress IP ACL for egress ports.
3. User-defined rules in the Ingress MAC ACL for ingress ports.
4. User-defined rules in the Ingress IP ACL for ingress ports.
5. Explicit default rule (permit any any) in the ingress IP ACL for ingress
ports.
6. Explicit default rule (permit any any) in the ingress MAC ACL for ingress
ports.
7. If no explicit rule is matched, the implicit default is permit all.
Masks for Access Control Lists
You can specify optional masks that control the order in which ACL rules are
checked. The switch includes two system default masks that pass/filter
packets matching the permit/deny the rules specified in an ingress ACL. You
can also configure up to seven user-defined masks for an ACL. A mask must
be bound exclusively to one of the basic ACL types (i.e., Ingress IP ACL,
Egress IP ACL, Ingress MAC ACL or Egress MAC ACL), but a mask can be
bound to up to four ACLs of the same type.
Table 4-33 Access Control List Commands
Command Groups Function
Page
IP ACLs
Configures ACLs based on IP addresses, TCP/UDP
port number, protocol type, and TCP control code
MAC ACLs
Configures ACLs based on hardware addresses,
packet format, and Ethernet type
ACL Information
Displays ACLs and associated rules; shows ACLs
assigned to each port