Support User Manuals

NETGEAR GS700TR Switch User Manual

Open as PDF

of 276

GS700TR Smart Switch Software Administration Manual

Managing Device Security 6-43

v1.0, May, 2008

2. To add a rule, complete the desired fields and click Add.

3. To delete a rule, select the check box associated with the rule and click Delete.

4. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the

latest value of the switch.

5. To change a rule, select the check box associated with the rule, change the desired fields and

click Apply.

Destination MAC Requires an Ethernet frame’s destination port MAC address to match

the address listed here. Enter a MAC address in the appropriate field.

The valid format is xx:xx:xx:xx:xx:xx.

Destination MAC Mask If desired, enter the MAC Mask associated with the Destination MAC to

match. The MAC address mask specifies which bits in the destination

MAC to compare against an Ethernet frame. Use F’s and zeros in the

MAC mask, which is in a wildcard format. An F means that the bit is not

checked, and a zero in a bit position means that the data must equal the

value given for that bit. For example, if the MAC address is

aa:bb:cc:dd:ee:ff, and the mask is 00:00:ff:ff:ff:ff, all MAC addresses with

aa:bb:xx:xx:xx:xx result in a match (where x is any hexadecimal

number).

EtherType Key Requires a packet’s EtherType to match the EtherType you select. Click

Configure, and then select the EtherType value from the dropdown

menu. If you select User Value, you can enter a custom EtherType

value.

EtherType User Value This field only appears if you select User Value from the EtherType

dropdown menu. The value you enter specifies a customized Ethertype

to compare against an Ethernet frame. The valid range of values is

(0x0600 to 0xFFFF).

Source MAC Requires a packet’s source port MAC address to match the address

listed here. Click Configure, and then enter a MAC address in the

appropriate field. The valid format is xx:xx:xx:xx:xx:xx.

Source MAC Mask If desired, enter the MAC mask for the source MAC address to match.

Use Fs and zeros in the MAC mask, which is in a wildcard format. An F

means that the bit is not checked, and a zero in a bit position means that

the data must equal the value given for that bit. The valid format is

xx:xx:xx:xx:xx:xx.

VLAN Requires a packet’s VLAN ID to match the ID listed here. Enter the

VLAN ID to apply this criteria. The valid range is 0 to 4078.

Table 6-31. MAC ACL Rule Configuration Fields (continued)

Field Description

previous next