NETGEAR XSM7224S-100NAS Switch User Manual


 
ProSafe XSM7224S Managed Stackable Switch CLI Manual, Software Version 9.0
Quality of Service (QoS) Commands
v1.0, November 2010
IP Access Control List (ACL) Commands
This section describes the commands you use to configure IP ACL settings. IP ACLs ensure that
only authorized users have access to specific resources and block any unwarranted attempts to
reach network resources.
The following rules apply to IP ACLs:
- Managed switch software does not support IP ACL configuration for IP packet fragments.
- The maximum number of ACLs you can create is hardware dependent. The limit applies to all
  ACLs, regardless of type.
- The maximum number of rules per IP ACL is hardware dependent.
- Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is in
  essence the inverse of a subnet mask. With a subnet mask, the mask has ones (1's) in the bit
  positions that are used for the network address, and has zeros (0's) in the bit positions that
  are not used. In contrast, a wildcard mask has zeros (0's) in the bit positions that must be
  checked. A one (1) in a bit position of the ACL mask indicates that the corresponding bit can
  be ignored.
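The wildcard rule above, worked through in Python as an added example (not part of the NETGEAR manual): it inverts a subnet mask into a wildcard mask, applies the per-bit match to a source address, and shows what a rule matches when a subnet mask is entered by mistake in the `<srcmask>` position. All addresses and function names are constructed for illustration.

```python
# Added example: wildcard-mask matching as described in the rule above.
# Addresses, masks and function names are constructed sample values.
import ipaddress


def to_int(dotted: str) -> int:
    """Dotted-quad string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def wildcard_from_subnet_mask(subnet_mask: str) -> str:
    """Invert a subnet mask bit for bit to get the equivalent wildcard mask."""
    inverted = ~to_int(subnet_mask) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(inverted))


def wildcard_match(packet_src: str, rule_ip: str, wildcard: str) -> bool:
    """True when every bit the wildcard marks 0 (must be checked) is equal."""
    care_bits = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(packet_src) ^ to_int(rule_ip)) & care_bits == 0


def looks_like_subnet_mask(mask: str) -> bool:
    """Lint check: contiguous leading 1s suggest a subnet mask, not a wildcard."""
    value = to_int(mask)
    inverted = ~value & 0xFFFFFFFF
    # Leading 1s followed only by 0s means the inverse has the form 2^k - 1.
    return value & 0x80000000 != 0 and inverted & (inverted + 1) == 0


if __name__ == "__main__":
    rule_ip = "192.168.1.0"
    correct = wildcard_from_subnet_mask("255.255.255.0")  # 0.0.0.255
    mistyped = "255.255.255.0"  # subnet mask entered where a wildcard belongs
    for src in ("192.168.1.77", "192.168.2.77", "10.9.8.0"):
        print(f"{src:15} wildcard {correct}: {wildcard_match(src, rule_ip, correct)!s:5} "
              f"wildcard {mistyped}: {wildcard_match(src, rule_ip, mistyped)}")
    print("mistyped mask flagged:", looks_like_subnet_mask(mistyped))
```

With the mistyped mask only the last octet is checked, so the rule misses 192.168.1.77 and instead matches any source whose address ends in .0, such as 10.9.8.0.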
access-list
This command creates an IP Access Control List (ACL) that is identified by the access list number,
which is 1-99 for standard ACLs or 100-199 for extended ACLs.
IP Standard ACL:
Redirect Interface   The unit/slot/port to which packets matching this rule are forwarded.
Format   access-list <1-99> {deny | permit} {every | <srcip> <srcmask>} [log] [assign-queue <queue-id>] [{mirror | redirect} <unit/slot/port>]
Mode Global Config
Term Definition