
Overview, Filtering criteria, Overview 6 – Allied Telesis AT-9000 Series User Manual


Chapter 73: Advanced Access Control Lists (ACLs)


Overview

Access Control Lists (ACLs) act as filters to control the ingress packets on
ports. They are commonly used to restrict the types of packets that ports
accept, both to increase port security and to create physical links dedicated
to carrying specific types of traffic. For instance, you can configure ACLs to
permit ports to accept only ingress packets that have a specific source or
destination IP address.

There are two types of ACLs:

Numbered IPv4 ACLs

Numbered MAC ACLs

Numbered IPv4 ACLs and Numbered MAC ACLs are identified by ID
numbers. The ID number range for Numbered IPv4 ACLs is 3000 to 3699.
The ID number range for Numbered MAC ACLs is 4000 to 4699. In
addition, Numbered IPv4 ACLs and Numbered MAC ACLs take effect
immediately. You cannot assign them a date or time to begin filtering.
Numbered IPv4 ACLs are only compatible with IPv4 addresses. They are
not compatible with IPv6 addresses.
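
An added example, not taken from the manual: a Python check that runs a planned ACL list against the constraints above (ID ranges, IPv4-only addressing, no scheduled start). The entry format and its field names (`id`, `src`, `dst`, `start`) are hypothetical and are not the switch's command syntax.

```python
import ipaddress

# ID ranges as stated in the manual text above.
IPV4_ACL_IDS = range(3000, 3700)   # 3000 to 3699
MAC_ACL_IDS = range(4000, 4700)    # 4000 to 4699

def acl_type(acl_id):
    """Classify a numbered ACL by its ID; None if outside both ranges."""
    if acl_id in IPV4_ACL_IDS:
        return "ipv4"
    if acl_id in MAC_ACL_IDS:
        return "mac"
    return None

def lint_plan(entries):
    """Return (acl_id, problem) tuples for a planned ACL list.

    Each entry is a dict in a hypothetical planning format (not switch CLI):
    {"id": int, "src": str, "dst": str, "start": optional str}
    """
    problems = []
    for e in entries:
        kind = acl_type(e["id"])
        if kind is None:
            problems.append((e["id"], "ID outside 3000-3699 and 4000-4699"))
            continue
        if kind == "ipv4":
            for field in ("src", "dst"):
                value = e.get(field, "any")
                if value == "any":
                    continue
                try:
                    net = ipaddress.ip_network(value, strict=False)
                except ValueError:
                    problems.append((e["id"], f"{field} is not an IP address: {value}"))
                    continue
                if net.version == 6:
                    problems.append((e["id"], f"{field} is IPv6; Numbered IPv4 ACLs are IPv4 only"))
        if e.get("start"):
            problems.append((e["id"], "start time set; numbered ACLs take effect immediately"))
    return problems

# Constructed sample plan.
PLAN = [
    {"id": 3000, "src": "192.168.10.0/24", "dst": "any"},
    {"id": 3001, "src": "2001:db8::/32", "dst": "any"},
    {"id": 3700, "src": "10.0.0.1", "dst": "any"},
    {"id": 4000, "src": "00:11:22:33:44:55", "dst": "any", "start": "2024-01-01T08:00"},
]
```
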

Filtering Criteria

All types of ACLs identify packets using filtering criteria. There are six
criteria:

Source and destination IP addresses

ICMP source and destination IP addresses

Protocol type

Source and destination TCP ports

Source and destination UDP ports

Source and destination MAC addresses