Configuring acl masks, Configuring acl masks -96 – SMC Networks SMC TigerStack III SMC6824MPE User Manual
Page 146
C
ONFIGURING
THE
S
WITCH
3-96
Configuring ACL Masks
You can specify optional masks that control the order in which ACL rules
are checked. The switch includes two system default masks that pass/filter
packets matching the permit/deny rules specified in an ingress ACL. You
can also configure up to seven user-defined masks for an ingress or egress
ACL. A mask must be bound exclusively to one of the basic ACL types
(i.e., Ingress IP ACL, Egress IP ACL, Ingress MAC ACL or Egress MAC
ACL), but a mask can be bound to up to four ACLs of the same type.
Command Usage
•
Up to seven entries can be assigned to an ACL mask.
•
Packets crossing a port are checked against all the rules in the ACL
until a match is found. The order in which these packets are checked is
determined by the mask, and not the order in which the ACL rules are
entered.
•
First create the required ACLs and the ingress or egress masks before
mapping an ACL to an interface.
•
You must configure a mask for an ACL rule before you can bind it to
a port or set the queue or frame priorities associated with the rule.