User manual
SS2R24G4i/SS2R48G4i
129
rules, from the first rule to the first matched rule; the rest of the rules will not be processed.
z Global default action applies only to IP packets in the incoming direction on the ports. For non-
incoming IP packets and all outgoing packets, the default forward action is “permit”.
z Global default action applies only when packet flirter is enabled on a port and no ACL is bound to
that port, or no binding ACL matches.
z When an access-list is bound to the outgoing direction of a port, the action in the rule can only be
“deny”.
15.3 ACL Configuration
15.3.1 ACL Configuration Task Sequence
1. Configuring access-list
(1) Configuring a numbered standard IP access-list
(2) Configuring a numbered extended IP access-list
(3) Configuring a standard IP access-list based on nomenclature
a) Create a standard IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
(4) Configuring an extended IP access-list based on nomenclature.
a) Create an extensive IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
(5) Configuring a numbered standard MAC access-list
(6) Configuring a numbered extended MAC access-list
(7) Configuring a standard MAC access-list based on nomenclature
a) Create a standard IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit ACL Configuration Mode
(8) Configuring a numbered extended MAC-IP access-list
(9) Configuring a standard MAC-IP access-list based on nomenclature
a) Create a standard MAC-IP access-list based on nomenclature
b) Specify multiple “permit” or “deny” rule entries.
c) Exit MAC-IP Configuration Mode
2. Configuring the packet filtering function
(1) Enable global packet filtering function
(2) Configure default action.
3. Configuring time range function