Netgear GS724Tv3 GS716Tv2/GS724Tv3 Software Admin Manual - Page 176
IP Extended Rule, Table, 35. IP ACL Rule Configuration Fields continued
View all Netgear GS724Tv3 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 176 highlights
GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-35. IP ACL Rule Configuration Fields (continued) Field Action Assign Queue ID Match Every Source IP Address Source IP Mask Description Selects the ACL forwarding action, which is one of the following: • Permit - Forwards packets which meet the ACL criteria. • Deny - Drops packets which meet the ACL criteria. Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Enter an identifying number from 0-3 in the appropriate field. Requires a packet to match the criteria of this ACL. Select True or False from the drop down menu. Match Every is exclusive to the other filtering rules, so if Match Every is True, the other rules on the screen are not available. Requires a packet's source port IP address to match the address listed here. Enter an IP Address in the appropriate field using dotted-decimal notation. The address you enter is compared to a packet's source IP Address. Specifies the source IP address wildcard mask. Wild card masks determines which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all of the bits are important. Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is in essence the inverse of a subnet mask. With a subnet mask, the mask has ones (1's) in the bit positions that are used for the network address, and has zeros (0's) for the bit positions that are not used. In contrast, a wildcard mask has (0's) in a bit position that must be checked. A '1' in a bit position of the ACL mask indicates the corresponding bit can be ignored. This field is required when you configure a source IP address. IP Extended Rule Use the IP Extended Rules page to define rules for IP-based extended ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Note: There is an implicit "deny all" rule at the end of an ACL list. This means that if an ACL is applied to a packet and if none of the explicit rules match, then the final implicit "deny all" rule applies and the packet is dropped. To display the IP extended Rules page: 5-50 v1.0, July 2009 Managing Device Security