Netgear XCM8806 Chassis Hardware Installation Guide - Page 499

NETGEAR 8800 Chassis Switch CLI Manual create access-list create access-list {non-permanent} Description Creates a dynamic ACL Syntax Description dynamic-rule conditions actions non-permanent Specifies the dynamic ACL name. The name can be from 1-32 characters long. Specifies the match conditions for the dynamic ACL. Specifies the actions for the dynamic ACLs. Specifies that the ACL is not to be saved. Default By default, ACLs are permanent. Usage Guidelines This command creates a dynamic ACL rule. Use the configure access-list add command to apply the ACL to an interface. The conditions parameter is a quoted string of match conditions, and the actions parameter is a quoted string of actions. Multiple match conditions or actions are separated by semi-colons. A complete listing of the match conditions and actions is in Chapter 17 in the NETGEAR 8800 User Manual. Dynamic ACL rule names must be unique, but can be the same as used in a policy-file based ACL. Any dynamic rule counter names must be unique. For name creation guidelines and a list of reserved names, see the section "Object Names" in the NETGEAR 8800 User Manual. By default, ACL rules are saved when the save command is executed, and persist across system reboots. Configuring the optional keyword non-permanent means the ACL will not be saved. Example The following command creates a dynamic ACL that drops all ICMP echo-request packets on the interface: create access-list icmp-echo "protocol icmp;icmp-type echo-request" "deny" The created dynamic ACL will take effect after it has been configured on the interface. The previous example creates a dynamic ACL named icmp-echo that is equivalent to the following ACL policy file entry: entry icmp-echo { if { Chapter 13. ACL Commands | 499