Figure 11: acl example 6 – Allied Telesis AT-S63 User Manual

Page 129

background image

AT-S63 Management Software Features Guide

Section II: Advanced Operations

129

The next example limits the ingress traffic on port 17 to IP packets from
the subnet 149.22.11.0 and a Type of Service setting of 6, destined to the
end node with the IP address 149.22.22.22. All other IP traffic and ARP
packets are prohibited.

Figure 11. ACL Example 6

Create Access Control Lists (ACL)

1 - ACL ID ................. 4
2 - Description .......... ToS 6 traffic - permit
3 - Action .................. Permit
4 - Classifier List ...... 6
5 - Port List .............. 17

Create Classifier

01 - Classifier ID: ...... 6
02 - Description: ....... ToS 6 subnet flow
.
.
09 - IP ToS: ............... 6
.
12 - Src IP Addr: ....... 149.22.11.0
13 - Src IP Mask: ...... 255.255.255.0
14 - Dst IP Addr: ....... 149.22.22.22
15 - Dst IP Mask: ......

Create Access Control Lists (ACL)

1 - ACL ID ................. 23
2 - Description .......... All IP flow - deny
3 - Action .................. Deny
4 - Classifier List ...... 8,67
5 - Port List .............. 17

Create Classifier

01 - Classifier ID: ..... 8
02 - Description: ...... All IP flow
.
.
08 - Protocol: ........... IP

Create Classifier

01 - Classifier ID: ..... 67
02 - Description: ...... All ARP flow
.
.
08 - Protocol: ........... 0x806 (ARP)