Netgear GS418TPP User Manual - Page 353
Mirror Interface, Match Every
View all Netgear GS418TPP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 353 highlights
ProSAFE 8-Port or 16-Port Gigabit Smart Managed Switch Model GS418TPP, GS510TLP, and GS510TPP 8. Configure the following match criteria for the rule: • Sequence Number. Enter a whole number in the range of 1 to 2147483647 that is used to identify the rule. An extended IP ACL can contain up to 50 rules. • Action. Select the ACL forwarding action, which is one of the following: - Permit. Forward packets that meet the ACL criteria. - Deny. Drop packets that meet the ACL criteria. • Egress Queue. If the selection from the Action menu is Permit, select the hardware egress queue identifier that is used to handle all packets matching this IP ACL rule. The range of queue IDs is 0 to 7. • Logging. If the selection form the Action menu is Deny, you can enable logging for the ACL by selecting the Enable radio button. (Logging is subject to resource availability in the device.) If the access list trap flag is also enabled, periodic traps are generated, indicating the number of times this rule was evoked during the report interval. A fixed five-minute report interval is used for the switch. A trap is not issued if the ACL rule hit count is zero for the current interval. • Match Every. From the Match Every menu, select whether all packets must match the selected IP ACL rule: - False. Not all packets need to match the selected IP ACL rule. You can configure other match criteria on the page. - True. All packets must match the selected IP ACL rule and are either permitted or denied. In this case, you cannot configure other match criteria on the page. • Interface. For a Permit action, use either a mirror interface or a redirect interface: - Select the Mirror Interface radio button and use the menu to specify the egress interface to which the matching traffic stream is copied, in addition to being forwarded normally by the device. - Select the Redirect Interface radio button and use the menu to specify the egress interface to which the matching traffic stream is forced, bypassing any forwarding decision normally performed by the device. • Protocol Type. From the menu, select a protocol that a packet's IP protocol must be matched against: IP, ICMP, IGMP, TCP, UDP, EIGRP, GRE, IPINIP, OSPF, PIM, or Other. If you select Other, specify enter a protocol number from 0 to 255. • Src. In the Src field, enter a source IP address, using dotted-decimal notation, to be compared to a packet's source IP address as a match criterion for the selected IP ACL rule: - If you select the IP Address radio button, enter an IP address or an IP address range. You can enter a relevant wildcard mask to apply this criteria. If this field is left empty, it means any. - If you select the Host radio button, the wildcard mask is configured as 0.0.0.0. If this field is left empty, it means any. Manage Device Security 353