Netgear M4300-12X12F (XSM4324S) - Stackable Managed Switch with 24x10G including 12x10GBASE-T and 12xSFP+ Layer 3 User Manual
Manage Device Security
603
M4200 and M4300 Series ProSAFE Managed Switches Web Management User Manual
The IPv4 ICMP message types are: echo, echo-reply, host-redirect,
mobile-redirect, net-redirect, net-unreachable, redirect, packet-too-big,
port-unreachable, source-quench, router-solicitation, router-advertisement,
time-exceeded, ttl-exceeded, and unreachable.
mobile-redirect, net-redirect, net-unreachable, redirect, packet-too-big,
port-unreachable, source-quench, router-solicitation, router-advertisement,
time-exceeded, ttl-exceeded, and unreachable.
•
Fragments
. Either select Enable to allow initial fragments (that is, the fragment bit is
asserted) or leave the default setting at Disable to prevent initial fragments from
being used.
being used.
This option is not valid for rules that match L4 information such as TCP port number,
because that information is carried in the initial packet.
because that information is carried in the initial packet.
•
Service Type
. Select a service type match condition for the extended IP ACL rule.
The possible values are IP DSCP, IP precedence, and IP TOS, which are alternative
methods to specify a match criterion for the same service type field in the IP header.
Each method uses a different user notation. After you make a selection is made, you
can specify the appropriate values.
methods to specify a match criterion for the same service type field in the IP header.
Each method uses a different user notation. After you make a selection is made, you
can specify the appropriate values.
-
IP DSCP
. This is an optional configuration. Specify the IP DiffServ Code Point
(DSCP) field. The DSCP is defined as the high-order 6 bits of the service type
octet in the IP header. Enter an integer from 0 to 63. To select the IP DSCP, select
one of the DSCP keywords from the menu. To specify a numeric value, select
Other
octet in the IP header. Enter an integer from 0 to 63. To select the IP DSCP, select
one of the DSCP keywords from the menu. To specify a numeric value, select
Other
and a field displays in which you can enter numeric value of the DSCP.
-
IP Precedence
. This is an optional configuration. The IP precedence field in a
packet is defined as the high-order three bits of the service type octet in the IP
header. Enter an integer from 0 to 7.
header. Enter an integer from 0 to 7.
-
IP TOS
. This is an optional configuration. The IP ToS field in a packet is defined
as all 8 bits of the service type octet in the IP header. The ToS bits value is a
hexadecimal number from 00 to 09 and to aa to ff. The ToS mask value is a
hexadecimal number from 00 to FF. The ToS mask denotes the bit positions in the
ToS bits value that are used for comparison against the IP ToS field in a packet.
hexadecimal number from 00 to 09 and to aa to ff. The ToS mask value is a
hexadecimal number from 00 to FF. The ToS mask denotes the bit positions in the
ToS bits value that are used for comparison against the IP ToS field in a packet.
For example, to check for an IP ToS value for which bit 7 is set and is the most
significant value, for which bit 5 is set, and for which bit 1 is cleared, use a ToS
bits value of 0xA0 and a ToS mask of 0xFF.
significant value, for which bit 5 is set, and for which bit 1 is cleared, use a ToS
bits value of 0xA0 and a ToS mask of 0xFF.
•
Rate Limit Conform Data Rate
. Specify the conforming data rate of IP ACL rule.
Valid values are 1 to 4294967295 in Kbps.
•
Rate Limit Burst Size
. Specify the burst size of the IP ACL rule. Valid values are 1 to
128 in Kbytes.
•
Time Range
. Specify the name of the time range that you want to associate with the
IP ACL rule.
9.
Click the Apply button.
The updated configuration is sent to the switch. Configuration changes take effect
immediately.
immediately.
The Rule Status field displays whether the ACL rule is active or inactive. Blank means
that no timer schedules are assigned to the rule.
that no timer schedules are assigned to the rule.