User Manual
Table Of Contents
- M6100 Web Management User Guide
- Contents
- 1. Getting Started
- 2. Configuring System Information
- 3. Configuring Switching Information
- 4. Routing
- 5. Configuring Quality of Service
- 6. Managing Device Security
- 7. Monitoring the System
- 8. Maintenance
- 9. Help
- A. Default Settings
- B. Configuration Examples
- C. Notification of Compliance
Managing Device Security
485
M6100 Web Management User Guide
13. Use Source L4 Port Action to specify relevant matching conditions for L4 port numbers in
the current extended ACL rule:
• Equal — IP ACL rule matches only if the layer 4 source port number is equal to the
specified port number or port key.
• Less Than — IP ACL rule matches if the layer 4 source port number is less than the
specified port number or port key.
• Greater Than — IP ACL rule matches if the layer 4 source port number is greater than
the specified port number or port key.
• Not Equal — IP ACL rule matches only if the layer 4 source port number is not equal to
the specified port number or port key.
14. Src L4 Port and Src L4 Range options are available only when protocol is set to TCP or
UDP. When you select the Port option, choose port key from the list or enter the port
number yourself.
• The source IP TCP port names are bgp, domain, echo, ftp, ftpdata, http, smtp, snmp,
telnet, www, pop2, pop3.
• The source IP UDP port names are domain, echo, ntp, rip, snmp, tftp, time, who.
Each of these values translates into its equivalent port number, which is used as both the
start and end of the port range.
Only when you select Other in the list of port keys, can you enter your own port number.
If you leave the Other field empty, it means any.
15. When you select the Range option, IP ACL rule matches only if the layer 4 port number is
within the specified port range. The Start Port and End Port parameters identify the first and
last ports that are part of the port range. They have values from 0 to 65535.
The possibility of entering your own port number is available only when Other is selected
in the list of port keys. The starting port, ending port, and all ports in between will be a
part of the layer 4 port range. If these fields are left empty, it means any.
The wild card mask determines which bits are used and which bits are ignored. A wild
card mask of 0.0.0.0 indicates that none of the bits are important. A wild card of
255.255.255.255 indicates that all of the bits are important.
16. In the Dst field, specify a Destination IP Address, using dotted-decimal notation, and with a
relevant wild card mask, to be compared to a packet's destination IP Address as a match
criteria for the selected extended IP ACL rule.
17. Select the IP Address option and enter an IP address with a relevant wild card mask to
apply this criteria. If these fields are left empty, it means any.
18. When you select the Host option, the wild card mask is configured as 0.0.0.0. If this field is
left empty, it means any.
19. In the Destination IP Mask field, specify the IP Mask, in dotted-decimal notation, to be used
with the Destination IP Address value.
20. In the Dst L4 Port and Dst L4 Range fields, specify the layer 4 destination port match
condition for the selected extended IP ACL rule. These options are available only when the
protocol is set to TCP or UDP.