User Manual for the NETGEAR 7300S Series Layer 3 Managed Switch Software
Quality of Service (QoS) Commands 11-5
202-10088-01, March 2005
Note: This does not include the implicit 'deny all' rule defined at the end of every MAC ACL.
Interfaces Displays the list of interfaces (slot/port) to which this MAC ACL
is attached in a given direction.
Direction Denotes the direction in which this MAC ACL is attached to the
set of interfaces listed. The possible values are Inbound or Out-
bound.
access-list
This command creates an Access Control List (ACL) that is identified by the parameter
<
accesslistnumber>. The ACL number is an integer from 1 to 199. The range 1 to 99 is for
normal ACL List and 100 to 199 is extended ACL List. The ACL rule is created with the option of
permit or deny . The protocol to filter for an ACL rule is specified by giving the protocol to be
used like cmp,igmp,ip,tcp,udp. The command specifies a source ipaddress and source mask for
match condition of the ACL rule specified by the srcip and srcmask parameters.The source layer 4
port match condition for the ACL rule are specified by the port value parameter.The <
startport>
and <endport> parameters identify the first and last ports that are part of the port range. They
have values from 0 to 65535. The ending port must have a value equal or greater than the starting
port. The starting port, ending port, and all ports in between will be part of the destination port
range.The <
portvalue> parameter uses a single keyword notation and currently has the values of
domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, and www. Each of these
values translates into its equivalent port number, which is used as both the start and end of a port
range. The command specifies a destination ipaddress and destination mask for match condition of
the ACL rule specified by the dstip and dstmask parameters.The command specifies the TOS for
an ACL rule depending on a match of precedence or DSCP values using the parameters tos,
tosmask ,dscp.
Default none
Format
access-list {( <1-99> {deny | permit} <srcip> <src-
mask>) | ({<100-199> {deny | permit} {evry | {{icmp |
igmp | ip | tcp | udp | <number>} <srcip> <srcmask>
[{eq {<portkey> | <portvalue>}| range <startport>
<endport>}] <dstip> <dstmask> [{eq {<portkey> |
<portvalue>} | range <startport> <endport>}] [prece-
dence <precedence> | tos <tos> <tosmask> | dscp
<dscp>] [assign-queue <queue-id>] [redirect <slot/
port>]}})}
Mode Global Config