Table of Contents
Advertisement
Chapter 6
Logical Object Dialog Boxes
•
Add Filter button—Launches the Add Filter subdialog box, shown in
permit or deny filter to an ACL. On a standard ACL, a filter may only be defined against traffic
flows originating from a source host or range of hosts. On an extended ACL, filters may be defined
against specific traffic types, against the source or destination of a traffic flow, and against specific
source or destination TCP or UDP ports.
Figure 6-90 Add Filter Dialog Box
The following fields are displayed in this Add Filter subdialog box:
•
Criteria—filter type:
–
–
Protocol—Name or number of an IP protocol to apply an extended ACL filter to. To match any
•
Internet protocol (including ICMP, TCP, and UDP) use the keyword "ip". This argument is not
applicable when creating standard ACL filters, and mandatory for extended ACL filters.
Source IP—Number of the network or host from which the packet is being sent.
•
Source Mask—Bitmask used in combination with Source IP to specify a host address or a range of
•
addresses to apply filter. Place ones in the bit positions you want to ignore.
Source Operand—Comparison operator for source TCP or UDP ports. The range operator requires
•
two source ports, all others require a single port. This is an optional argument that is only applicable
when creating extended ACL filters against TCP or UDP traffic. The following values are available:
–
–
–
–
–
–
permit—Filter allows packets in a traffic flow if the filter conditions are met.
deny—Filter blocks packets in a traffic flow if the filter conditions are met.
none
lessThan
equal
greaterThan
notEqual
range
C6576M ACL Configuration Dialog Box
Figure
6-90, to append a
Cisco 6500/7600 Series Manager User Guide
6-115
Hide quick links:
Advertisement
Table of Contents
