User Manual
Table Of Contents
- M6100 Web Management User Guide
- Contents
- 1. Getting Started
- 2. Configuring System Information
- 3. Configuring Switching Information
- 4. Routing
- 5. Configuring Quality of Service
- 6. Managing Device Security
- 7. Monitoring the System
- 8. Maintenance
- 9. Help
- A. Default Settings
- B. Configuration Examples
- C. Notification of Compliance
Managing Device Security
491
M6100 Web Management User Guide
• Destination L4 UDP port names are domain, echo, ntp, rip, snmp, tftp, time, who.
When the Port option is selected, choose port key from the list or enter a port number by
yourself. You can enter your own port number only when Other is selected in the list of
port keys. If this field is left empty, it means any.
15. Destination L4 Port Action specifies the relevant matching condition for layer 4 port
numbers in the current extended ACL rule:
• Equal — IPv6 ACL rule matches only if the layer 4 source port number is equal to the
specified port number or port key.
• Less Than — IPv6 ACL rule matches if the layer 4 source port number is less than the
specified port number or port key.
• Greater Than — IPv6 ACL rule matches if the layer 4 source port number is greater
than the specified port number or port key.
• Not Equal — IPv6 ACL rule matches only if the layer 4 source port number is not equal
to the specified port number or port key.
16. Fragments — Specifies the rule to match the packets that are non-initial fragments (fragment
bit asserted). This option is not valid for rules that match L4 information such as TCP port
number, since that information is carried in the initial packet.
17. Routing — Specifies the rule to match the packets that have a routing extension header.
18. ICMPv6 Type - Specifies a match condition for ICMP packets.
• When Type radio-button is selected, IPv6 ACL rule matches with the specified
ICMPv6 message type, a possible type number is in range from 0 to 255. When
ICMPv6 code is specified, IP ACL rule matches with the specified ICMPv6 message
code. Possible value is in range from 0 to 255. If these fields is left empty, it means
'any'.
19. When Message radio-button is selected, choose type of the ICMPv6 message to match with
the selected IPv6 ACL rule.
• Specifying Message implies that both ICMPv6 type and ICMPv6 code are specified.
ICMPv6 message is decoded into corresponding ICMPv6 type and ICMPv6 code
within that ICMPv6 type. IPv6 ICMPv6 message types: destination-unreachable,
echo-reply, echo-request, header, hop-limit, mld-query, mld-reduction, mld-report,
nd-na, nd-ns, next-header, no-admin, no-route, packet-too-big, port-unreachable,
router-solicitation, router-advertisement, router-renumbering, time-exceeded and
unreachable.
Note: The following fields are enabled only if the protocol is ICMPv6.
20. Flow Label - Flow label is 20-bit number that is unique to an IPv6 packet, used by end
stations to signify quality-of-service handling in routers. Flow label can specified within the
range (0 to 1048575).
21. Use IPv6 DSCP Service to specify the IP DiffServ Code Point (DSCP) field. The DSCP is
defined as the high-order six bits of the Service Type octet in the IPv6 header. This is an
optional configuration. Enter an integer from 0 to 63. The IPv6 DSCP is selected by possibly