Netgear M5300-28G-POE+ (GSM7228PSv1h2) - 12-Port Managed Gigabit Switch Softwarehandbuch

(NETGEAR Routing) #show mac access-lists mac1

ACL Name: mac1

Outbound Interface(s): control-plane

Rule Number: 1

Action......................................... permit

Source MAC Address............................. 00:00:00:00:AA:BB

Source MAC Mask................................ FF:FF:FF:FF:00:00

Committed Rate................................. 32

Committed Burst Size........................... 16

This section describes the commands you use to configure IP Access Control List (ACL) 
settings. IP ACLs ensure that only authorized users have access to specific resources and 
block any unwarranted attempts to reach network resources. 

The following rules apply to IP ACLs:

The maximum number of ACLs you can create is hardware dependent. The limit applies 
to all ACLs, regardless of type.

The maximum number of rules per IP ACL is hardware dependent.

If you configure a MAC ACL on an interface, you cannot configure an IP ACL on the 
same interface.

Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is 
in essence the inverse of a subnet mask. With a subnet mask, the mask has ones (1's) in 
the bit positions that are used for the network address, and has zeros (0's) for the bit 
positions that are not used. In contrast, a wildcard mask has (0’s) in a bit position that 
must be checked. A 1 in a bit position of the ACL mask indicates the corresponding bit 
can be ignored. 

This command creates an IP Access Control List (ACL) that is identified by the access list 
number, which is 1-99 for standard ACLs or 100-199 for extended ACLs. 

1074 describes the parameters for the access-list command.

IP Standard ACL:

Format

access-list

 

1-99 {deny | permit} {every | srcip srcmask} [log] [time-range 

time-range-name] [assign-queue queue-id] [{mirror | redirect} 

unit/slot/port]

Mode

Global Config