3com 2924-PWR User Manual
74
C
HAPTER
4: M
ANAGING
D
EVICE
S
ECURITY
■
Source Port — Defines the source port that is used for matched
packets. Enabled only when TCP or UDP are selected in the Protocol
list. The field value is either user defined or Any. If Any is selected the
IP based ACL is applied to any source port.
packets. Enabled only when TCP or UDP are selected in the Protocol
list. The field value is either user defined or Any. If Any is selected the
IP based ACL is applied to any source port.
■
Destination Port — Defines the destination port that is used for
matched packets. Enabled only when TCP or UDP are selected in the
Protocol list. The field value is either user defined or Any. If Any is
selected, the IP based ACL is applied to any destination port.
matched packets. Enabled only when TCP or UDP are selected in the
Protocol list. The field value is either user defined or Any. If Any is
selected, the IP based ACL is applied to any destination port.
■
TCP Flags — If checked, enables configuration of TCP flags matched
to the packet. The possible fields are:
to the packet. The possible fields are:
■
Urg — Urgent pointer field significant. The urgent pointer points to
the sequence number of the octet following the urgent data.
the sequence number of the octet following the urgent data.
■
Ack — Acknowledgement field significant. The acknowledgement
field is the byte number of the next byte that the sender expects to
receive from the receiver.
field is the byte number of the next byte that the sender expects to
receive from the receiver.
■
Psh — Push (send) the data as soon as possible, without buffering.
This is used for interactive traffic.
This is used for interactive traffic.
■
Rst — Reset the connection. This invalidates the sequence numbers
and aborts the session between the sender and receiver.
and aborts the session between the sender and receiver.
■
Syn — Synchronize Initial Sequence Numbers (ISNs). This is used to
initialize a new connection.
initialize a new connection.
■
Fin — Finish. This indicates there is no more data from the sender.
This marks a normal closing of the session between the sender and
receiver.
This marks a normal closing of the session between the sender and
receiver.
For each TCP flag, the possible field values are:
■
Set — Enables the TCP flag.
■
Unset — Disables the TCP flag.
■
Don’t Care — Does not check the packet’s TCP flag.
■
ICMP — If checked, enables filtering ICMP packets for an ICMP
message type. The possible values are:
message type. The possible values are:
■
Select from List — Selects an ICMP message type from a list.
■
ICMP Type — Specifies an ICMP message type.
■
Any — Does not filter for an ICMP message type.