Criteria

Each ACL consists of one or more rules specifying the criteria that packets will be compared against.

The following criteria are supported:

  • Any: Filters all packets

  • Host: Filters packets based on the source host IP address

  • ICMP: Filters Internet Control Message Protocol (ICMP) packets

  • IP: Filters Internet Protocol (IP) packets

  • Source IP Address: Filters packets based on one or more source IP addresses

  • TCP: Filters Transmission Control Protocol (TCP) packets

  • UDP: Filters User Datagram Protocol (UDP) packets

Each of the above-mentioned criteria is described in detail in the sections that follow.

  • Any: The rule applies to all packets.

  • Host: The rule applies to a specific host as determined by its IP address.

  • ICMP: The rule applies to specific Internet Control Message Protocol (ICMP) packets, types, or codes. ICMP type and code definitions can be found at www.iana.org (RFC 3232).

  • IP: The rule applies to specific IP packets or fragments.

  • Source IP Address: The rule applies to specific packets originating from a specific source address or a group of source addresses.

  • TCP: The rule applies to any TCP traffic and can be filtered on any combination of source/destination IP addresses, a specific port number, or a group of port numbers. TCP port number definitions can be found at www.iana.org.

  • UDP: The rule applies to any UDP traffic and can be filtered on any combination of source/destination IP addresses, a specific port number, or a group of port numbers. UDP port number definitions can be found at www.iana.org.
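
The following Python model is an added example, not code or syntax from the product this page documents; it shows how a packet is compared against rules built from the seven criteria above. First-match evaluation, the default deny, matching ports on the destination port, and every class, field and function name are assumptions; fragment matching for the IP criterion is left out.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Packet:
    proto: str                    # "tcp", "udp" or "icmp"
    src: str
    dst: str
    dport: int = -1               # destination port; -1 when not TCP/UDP
    icmp: tuple = (None, None)    # (type, code)

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    criterion: str                # any | host | source | ip | icmp | tcp | udp
    src: tuple = ()               # addresses or CIDR blocks; empty = unrestricted
    dst: tuple = ()
    ports: tuple = ()             # inclusive (low, high) ranges; empty = all ports
    icmp: tuple = (None, None)    # (type, code); None is a wildcard

def _addr_ok(addr, nets):
    ip = ipaddress.ip_address(addr)
    return not nets or any(ip in ipaddress.ip_network(n, strict=False) for n in nets)

def matches(rule, pkt):
    c = rule.criterion
    if c == "any":
        return True
    if c in ("host", "source"):   # host = one address, source = one or more
        return bool(rule.src) and _addr_ok(pkt.src, rule.src)
    if not (_addr_ok(pkt.src, rule.src) and _addr_ok(pkt.dst, rule.dst)):
        return False
    if c == "icmp":
        return pkt.proto == "icmp" and all(
            r in (None, p) for r, p in zip(rule.icmp, pkt.icmp))
    if c in ("tcp", "udp"):
        return pkt.proto == c and (not rule.ports or any(
            lo <= pkt.dport <= hi for lo, hi in rule.ports))
    return c == "ip"              # any IP packet that passed the address checks

def evaluate(rules, pkt, default="deny"):   # assumed: first matching rule decides
    hit = next((i for i, r in enumerate(rules) if matches(r, pkt)), None)
    return (default if hit is None else rules[hit].action), hit

ACL = (  # constructed sample ACL using documentation address ranges
    Rule("deny", "host", src=("192.0.2.66",)),
    Rule("permit", "tcp", src=("198.51.100.0/24",), ports=((443, 443),)),
    Rule("permit", "icmp", icmp=(8, 0)),          # echo request
    Rule("deny", "any"))
```

Under the assumed first-match order, moving the Any rule to the top makes every later rule unreachable, so `evaluate` also returns the index of the deciding rule to make that kind of shadowing visible.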