NETGEAR M6100 Series Reference Manual page 1040
Hide thumbs
Also See for M6100 Series:
- Hardware installation manual (76 pages) ,
- Software setup manual (34 pages) ,
- Installation manual (20 pages)
Table of Contents
Advertisement
Table 17. IP ACL command parameters (continued)
Parameter
[{range {portkey | startport} {portkey |
endport} | {eq | neq | lt | gt} {portkey
| 0-65535}]
dstip dstmask | any | host dstip
[precedence precedence | tos tos
[tosmask] | dscp dscp]
M6100 Series Switches
Description
Note:
This option is available only if the protocol is tcp or udp.
Specifies the layer 4 port match condition for the IP ACL rule. Port
number can be used, which ranges from 0-65535, or the portkey,
which can be one of the following keywords:
For tcp protocol: bgp, domain, echo, ftp, ftp-data, http,
smtp, telnet, www, pop2, or pop3.
For udp protocol: domain, echo, ntp, rip, snmp, tftp, time,
or who.
Each of these keywords translates into its equivalent port number.
When range is specified, the IP ACL rule matches only if the
layer 4 port number falls within the specified port range. The
startport and endport parameters identify the first and last
ports that are part of the port range. They have values from 0 to
65535. The ending port must have a value equal to or greater
than the starting port. The starting port, ending port, and all ports
in between will be part of the layer 4 port range.
When eq is specified, IP ACL rule matches only if the layer 4 port
number is equal to the specified port number or portkey.
When lt is specified, IP ACL rule matches if the layer 4 port
number is less than the specified port number or portkey. It is
equivalent to specifying the range as 0 to <specified port number
– 1>.
When gt is specified, IP ACL rule matches if the layer 4 port
number is greater than the specified port number or portkey. It is
equivalent to specifying the range as <specified port number + 1>
to 65535.
When neq is specified, IP ACL rule matches only if the layer 4
port number is not equal to the specified port number or port key.
Two rules are added in the hardware one with range equal to 0 to
<specified port number - 1> and one with range equal to
<specified port number + 1 to 65535>.
Note:
Port number matches only apply to unfragmented or first
fragments.
Specifies a destination IP address and netmask for match
condition of the IP ACL rule.
Specifying any implies specifying dstip as 0.0.0.0 and dstmask
as 255.255.255.255.
Specifying host A.B.C.D implies dstip as A.B.C.D and dstmask
as 0.0.0.0.
Specifies the TOS for an IP ACL rule depending on a match of
precedence or DSCP values using the parameters precedence,
tos or dscp. tosmask is an optional parameter.
Quality of Service Commands
1040
Advertisement
Chapters
Table of Contents
