Netgear M4100-26G CLI Manual - Page 481
ip access-group
View all Netgear M4100-26G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 481 highlights
ProSafe M4100 and M7100 Managed Switches Note: The mirror parameter allows traffic matching this rule to be copied to the specified , while the redirect parameter allows traffic matching this rule to be forwarded to the specified . The assign-queue and redirect parameters are valid only for a permit rule. A rule might either deny or permit traffic according to the specified classification fields. At a minimum, either every keyword or the protocol, source address, and destination address values must be specified. The source and destination IP address fields might be specified using the keyword 'any' to indicate a match on any value in that field. The remaining command parameters are all optional, but the most frequently used parameters appear in the same relative order as shown in the command format. The assign-queue parameter allows specification of a particular hardware queue for handling traffic that matches this rule. The allowed value is 0-(n-1), where n is the number of user configurable queues available for the hardware platform. The assign-queue parameter is valid only for a permit rule. The time-range parameter allows imposing time limitation on the IP ACL rule as defined by the parameter . If a time range with the specified name does not exist and the IP ACL containing this ACL rule is applied to an interface or bound to a VLAN, then the ACL rule is applied immediately. If a time range with specified name exists and the IP ACL containing this ACL rule is applied to an interface or bound to a VLAN, then the ACL rule is applied when the time-range with specified name becomes active. The ACL rule is removed when the time-range with specified name becomes inactive. The user can specify a simple rate limiter for packets matching an ACL "permit" rule. The user needs to specify the burst size in kbytes and allowed rate of traffic in kbps. The conforming traffic is allowed to transmit, and non-conforming traffic is dropped. This action is ignored for any "deny" rule, since by definition matching packets are dropped. Format Mode {deny | permit} {every | {{icmp | igmp | ip | tcp | udp | } [{eq { | } [{eq {| }] [precedence | tos | dscp ] [log] [rate-limit ] [timerange ] [assign-queue ] [{mirror | redirect} [lag | ] Ipv4-Access-List Config ip access-group This command either attaches a specific IP ACL identified by to an interface or associates with a VLAN ID in a given direction. The parameter is the name of the access control list. An optional sequence number might be specified to indicate the order of this IP access list relative to other IP access lists already assigned to this interface and direction. A lower Quality of Service (QoS) Commands 481