Command mode: Admin Mode
Usage Guide:
Example:
Switch#show firewall
Firewall Status: Enable.
Firewall Default Rule: Permit.
Displayed information             Explanation
Firewall Status: Enable.          Enable packet filtering function
Firewall Default Rule: Permit.    The default action for packet filtering is “permit”
9.4.2 ACL Troubleshooting Help
- The entries in an ACL are checked in top-down order, and the check ends as soon as an entry is matched.
- The default rule is used only if no ACL is bound to the specific direction of the port, or if no ACL entry is matched.
- Applies to IP packets incoming on all ports, and has no effect on other types of packets.
- One port can bind only one incoming ACL.
- The number of ACLs that can be successfully bound depends on the content of the ACLs bound and on the hardware resource limit. The user will be prompted if an ACL cannot be bound due to hardware resource limitation.
- If an access list contains entries with the same filtering information but conflicting actions, binding it to the port will fail with an error message. For instance, configuring “permit tcp any-source any-destination” and “deny tcp any-source any-destination” at the same time.
- Viruses such as “worm.blaster” can be blocked by configuring an ACL to block certain ICMP packets.
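The evaluation and binding rules in the list above, modelled in Python as an added example (this is not code from the manual or the switch firmware). The Entry and Port classes and their methods are hypothetical names; address matching is simplified to CIDR prefixes, and hardware resource limits are not modelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = "0.0.0.0/0"  # stands for any-source / any-destination

@dataclass(frozen=True)
class Entry:
    action: str      # "permit" or "deny"
    proto: str       # "tcp", "udp", "icmp", or "ip" for any IP protocol
    src: str = ANY
    dst: str = ANY

    def key(self):
        # The "filtering information" of an entry, without its action.
        return (self.proto, ip_network(self.src), ip_network(self.dst))

    def matches(self, proto, src, dst):
        return (self.proto in ("ip", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst))

class Port:
    def __init__(self, default_rule="permit"):
        self.default_rule = default_rule  # the "Firewall Default Rule"
        self.ingress_acl = None           # a port binds one incoming ACL

    def bind(self, acl):
        if self.ingress_acl is not None:
            raise ValueError("an incoming ACL is already bound to this port")
        seen = {}
        for entry in acl:
            # Same filtering information with a different action: refuse to bind.
            if seen.setdefault(entry.key(), entry.action) != entry.action:
                raise ValueError(f"conflicting actions for {entry.key()}")
        self.ingress_acl = list(acl)

    def filter(self, proto, src, dst):
        # Top-down check that ends at the first matching entry.
        for entry in self.ingress_acl or []:
            if entry.matches(proto, src, dst):
                return entry.action
        # No ACL bound, or no entry matched: the default rule decides.
        return self.default_rule
```

Because the check stops at the first match, a narrow permit must be placed above a broader deny for the same protocol; reversing the two entries would make the permit unreachable.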
9.5 Web Management
Click ACL configuration. The ACL configuration page is shown:
Numeric ACL configuration – Configure Numeric ACL, including standard ACL and
extended ACL