Netgear GSM7248R CLI Reference Manual - for 7200RS Series Layer-2 Stackable Sw - Page 250
access-list
View all Netgear GSM7248R manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 250 highlights
Command Line Interface Reference for the ProSafe 7200RS Series Layer-2 Stackable Switches 13.8.1 access-list This command creates an IP Access Control List (ACL) that is identified by the ACL number. The IP ACL number is an integer from 1 to 99 for an IP standard ACL and from 100 to 199 for an IP extended ACL. The IP ACL rule is specified with either a permit or deny action. The protocol to filter for an IP ACL rule is specified by giving the protocol to be used like icmp,igmp,ip,tcp,udp. The command specifies a source IP address and source mask for match condition of the IP ACL rule specified by the srcip and srcmask parameters. The source layer 4 port match condition for the IP ACL rule is specified by the port value parameter. The range of values is from 0 to 65535. The parameter uses a single keyword notation and currently has the values of domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, and www. Each of these values translates into its equivalent port number, which is used as both the start and end of a port range. The command specifies a destination IP address and destination mask for match condition of the IP ACL rule specified by the dstip and dstmask parameters. The command specifies the TOS for an IP ACL rule depending on a match of precedence or DSCP values using the parameters dscp, precedence, tos/tosmask. The command specifies the TCP flags for an IP ACL rule depending on a TCP flag match. Supported options are: • URG (Urgent Pointer Flag)-identifies incoming data as urgent • ACK (Acknowledgement Flag)-Acknowledges successful receipt of packets • PSH (Push Flag)-Ensures that the data is given priority • RST (Reset Flag)-Used when a segment arrives that is not intended for the current connection • SYM (Synchronization Flag)-Initially sent when establishing a 3-way handshake • FIN (FIN Flag)-Used to tear down virtual connections The command specifies the assign-queue which is the queue identifier to which packets matching this rule are assigned. Default none 13-34 Quality of Service (QoS) Commands v1.0, October 2008