Netgear GSM7212P GSM5212P/GSM7212P/GSM7212F/GSM7224P User Manual - Page 299

Web Management User Guide cannot be set if a Redirect Interface is already configured for the ACL rule. This field is visible for a 'Permit' Action. • Match Every - Select true or false from the pull-down menu. True signifies that all packets will match the selected IP ACL and Rule and will be either permitted or denied. In this case, since all packets match the rule, the option of configuring other match criteria will not be offered. To configure specific match criteria for the rule, remove the rule and re-create it, or re-configure 'Match Every' to 'False' for the other match criteria to be visible. • Protocol Keyword - Specify that a packet's IP protocol is a match condition for the selected IP ACL rule. The possible values are ICMP, IGMP, IP, TCP, and UDP. • TCP Flag - Specify that a packet's TCP flag is a match condition for the selected IP ACL rule. The TCP flag values are URG,ACK,PSH,RST,SYN,FIN. Each TCP flag has these possible values below and can be set separately. • Ignore -A packet matches this ACL rule whatever the TCP flag in this packet is set or not. • Set(+) - A packet matches this ACL rule if the TCP flag in this packet is set. • Clear(-) - A packet matches this ACL rule if the TCP flag in this packet is not set. • Src IP Address - Enter an IP address using dotted-decimal notation to be compared to a packet's source IP Address as a match criteria for the selected IP ACL rule. • Src IP Mask - Specify the IP Mask in dotted-decimal notation to be used with the Source IP Address value. • Src L4 Port - Specify a packet's source layer 4 port as a match condition for the selected extended IP ACL rule. This is an optional configuration. The possible values are DOMAIN, ECHO, FTP, FTPDATA, HTTP, SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its equivalent port number, which is used as both the start and end of the port range. • Dst IP Address - Enter an IP address using dotted-decimal notation to be compared to a packet's destination IP Address as a match criteria for the selected extended IP ACL rule. • Dst IP Mask - Specify the IP Mask in dotted-decimal notation to be used with the Destination IP Address value. • Dst L4 Port - Specify the destination layer 4 port match conditions for the selected extended IP ACL rule. The possible values are DOMAIN, ECHO, FTP, FTPDATA, HTTP, SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its equivalent port number, which is used as both the start and end of the port range. This is an optional configuration. • Service Type - Select a Service Type match condition for the extended IP ACL rule from the pull-down menu. The possible values are IP DSCP, IP precedence, and IP TOS, which are alternative ways of specifying a match criterion for the same Service Type field in the IP header, however each uses a different user notation. After a selection is made the appropriate value can be specified. • IP DSCP - Specify the IP DiffServ Code Point (DSCP) field. The DSCP is defined as the high-order six bits of the Service Type octet in the IP header. This is an optional configuration. Enter an integer from 0 to 63. The IP DSCP is selected by 299