Netgear GSM7212P GSM5212P/GSM7212P/GSM7212F/GSM7224P User Manual - Page 298

Web Management User Guide IP Extended Rules Use these screens to configure the rules for the IP Access Control Lists created using the IP Access Control List Configuration screen. What is shown on this screen varies depending on the current step in the rule configuration process. Note: There is an implicit "deny all" rule at the end of an ACL list. This means that if an ACL is applied to a packet and if none of the explicit rules match, then the final implicit "deny all" rule applies and the packet is dropped. To display the IP extended Rules page, click Security  ACL> Advanced  IP Extended Rules. To configure rules for an IP ACL: 1. To add an IP ACL rule, select the ACL ID to add the rule to, select the check box in the Extended ACL Rule table, and click ADD. The page displays the extended ACL Rule Configuration fields. 2. Configure the new rule. • Rule ID - Specify a number from 1-12 to identify the IP ACL rule. You can create up to 12 rules for each ACL. • Action - Selects the ACL forwarding action, which is one of the following: • Permit - Forwards packets which meet the ACL criteria. • Deny - Drops packets which meet the ACL criteria. • Logging - When set to 'Enable', logging is enabled for this ACL rule (subject to resource availability in the device). If the Access List Trap Flag is also enabled, this will cause periodic traps to be generated indicating the number of times this rule was 'hit' during the current report interval. A fixed 5 minute report interval is used for the entire system. A trap is not issued if the ACL rule hit count is zero for the current interval. This field is visible for a 'Deny' Action. • Assign Queue - Specifies the hardware egress queue identifier used to handle all packets matching this IP ACL rule. Valid range of Queue Ids is 0 to 6. • Mirror Interface - Specifies the specific egress interface where the matching traffic stream is copied in addition to being forwarded normally by the device. This field 298