Netgear XSM4324FS CLI Manual Software Version 12.x - Page 966

M4300 Intelligent Edge Series Fully Managed Stackable Switches IP Extended ACL: Format Mode access-list 100-199 {remark comment} | {[sequence-number]} [rule 1-1023] {deny | permit} {every | {{eigrp | gre | icmp | igmp | ip | ipinip | ospf | pim | tcp | udp | 0 -255} {srcip srcmask |any | host srcip} [range {portkey | startport} {portkey | endport} {eq | neq | lt | gt} {portkey | 0-65535} {dstip dstmask | any | host dstip} [{range {portkey | startport} {portkey | endport} | {eq | neq | lt | gt} {portkey | 0-65535}] [flag [+fin | -fin] [+syn | -syn] [+rst | -rst] [+psh | -psh] [+ack | -ack] [+urg | -urg] [established]] [icmp-type icmp-type [icmp-code icmp-code] | icmp-message icmp-message] [igmp-type igmp-type] [fragments] [precedence precedence | tos tos [tosmask] | dscp dscp]}} [time-range time-range-name] [log] [assign-queue queue-id] [{mirror | redirect} {unit/slot/port | lag lag-group-id}] [rate-limit rate burst-size] Global Config IPv4 extended ACLs have the following limitations for egress ACLs: • Match on port ranges is not supported. • The rate-limit command is not supported. Parameter remark comment sequence-number 1-99 or 100-199 Description Use the remark keyword and comment parameter to add a comment (remark) to an IP standard or IP extended ACL. The remarks make the ACL easier to understand and scan. Each remark is limited to 100 characters. A remark can consist of characters in the range A-Z, a-z, and 0-9, and of special characters: space, hyphen, underscore. Remarks are displayed only in the output of the show running configuration command. For each IP standard or IP extended ACL rule, you can add one remark. You can remove only remarks that are not associated with a rule. Remarks that are associated with a rule are removed when the rule is removed. The sequence-number parameter specifies the sequence number for the ACL rule. Either you define the sequence number or is it is generated. If no sequence number exists for a rule, a sequence number that is 10 greater than the last sequence number in the ACL is used and the rule is placed at the end of the list. If this is the first ACL rule in the ACL, a sequence number of 10 is assigned. If the calculated sequence number exceeds the maximum sequence number value, the creation of the ACL rule fails. You cannot create a rule that duplicates an already existing one and you cannot configure a rule with a sequence number that is already used for another rule. For example, if you add new ACL rule to the ACL without specifying a sequence number, the rule is placed at the bottom of the list. By changing the sequence number, you can move the ACL rule to a different position in the ACL. Range 1 to 99 is the access list number for an IP standard ACL. Range 100 to 199 is the access list number for an IP extended ACL. Quality of Service Commands 966 CLI Command Reference Manual