beautypg.com

Creating hardware acls, Creating ip hardware acls – Allied Telesis x908 User Manual

Page 3

background image

Page 3 | AlliedWare Plus™ OS How To Note

Creating hardware ACLs

Creating hardware ACLs

Hardware ACLs contain both the match criteria and the action to take on matching traffic.
There are two types of hardware ACL: IP address and MAC address. These are indexed by
their ID number. IP hardware ACLs have a number in the range 3000 to 3699 and MAC
hardware ACLs have a number in the range 4000 to 4699.

The following table shows the available ACL ranges as displayed by the ? help, and highlights
the hardware ACLs.

The ACLs give you the following choice of actions to take on matching traffic (see

“The

effects of the action keywords in ACLs” on page 6

for details).

Creating IP hardware ACLs

IP hardware ACLs filter packets from the following IP protocols:

z

IP

z

ICMP

z

TCP

z

UDP

This section describes how to create ACLs to filter packets from each of these protocols.

Number range

Description

1-99

IP standard access list

100-199

IP extended access list

1300-1999

IP standard access list (expanded range)

2000-2699

IP extended access list (expanded range)

3000-3699

Hardware IP access list

4000-4699

Hardware MAC access list

extended

Named IP extended access list

standard

Named IP standard access list

Action parameter

Description

copy-to-cpu

Specify packets to copy to the CPU

copy-to-mirror

Specify packets to copy to the mirror port

deny

Specify packets to reject

permit

Specify packets to permit

send-to-cpu

Specify packets to send to the CPU

This manual is related to the following products:
See also other documents in the category Allied Telesis Computer Accessories: