Access-List - NETGEAR ProSafe FSM7328S User Manual
Layer 3 managed switch software
Hide thumbs
Also See for ProSafe FSM7328S:
- Administration manual (124 pages) ,
- Hardware installation manual (40 pages) ,
- Operating instructions manual (24 pages)
Table of Contents
Advertisement
User Manual for the NETGEAR 7300S Series Layer 3 Managed Switch Software
Note: This does not include the implicit 'deny all' rule defined at the end of every MAC ACL.
Interfaces
Direction
access-list
This command creates an Access Control List (ACL) that is identified by the parameter
<
accesslistnumber>.
normal ACL List and 100 to 199 is extended ACL List. The ACL rule is created with the option of
permit or deny . The protocol to filter for an ACL rule is specified by giving the protocol to be
used like cmp,igmp,ip,tcp,udp. The command specifies a source ipaddress and source mask for
match condition of the ACL rule specified by the srcip and srcmask parameters.The source layer 4
port match condition for the ACL rule are specified by the port value parameter.The <
and
parameters identify the first and last ports that are part of the port range. They
<endport>
have values from 0 to 65535. The ending port must have a value equal or greater than the starting
port. The starting port, ending port, and all ports in between will be part of the destination port
range.The <
portvalue>
domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp
values translates into its equivalent port number, which is used as both the start and end of a port
range. The command specifies a destination ipaddress and destination mask for match condition of
the ACL rule specified by the dstip and dstmask parameters.The command specifies the TOS for
an ACL rule depending on a match of precedence or DSCP values using the parameters tos,
tosmask ,dscp.
Default
Format
Mode
Quality of Service (QoS) Commands
Displays the list of interfaces (slot/port) to which this MAC ACL
is attached in a given direction.
Denotes the direction in which this MAC ACL is attached to the
set of interfaces listed. The possible values are Inbound or Out-
bound.
The ACL number is an integer from 1 to 199. The range 1 to 99 is for
parameter uses a single keyword notation and currently has the values of
none
access-list {( <1-99> {deny | permit} <srcip> <src-
mask>) | ({<100-199> {deny | permit} {evry | {{icmp |
igmp | ip | tcp | udp | <number>} <srcip> <srcmask>
[{eq {<portkey> | <portvalue>}| range <startport>
<endport>}] <dstip> <dstmask> [{eq {<portkey> |
<portvalue>} | range <startport> <endport>}] [prece-
dence <precedence> | tos <tos> <tosmask> | dscp
<dscp>] [assign-queue <queue-id>] [redirect <slot/
port>]}})}
Global Config
202-10088-01, March 2005
startport>
, and
. Each of these
www
11-5
Advertisement
Table of Contents
