Netgear GSM7228PS - ProSAFE 28 ports Gigabit Ethernet L2 Managed Stackable Switch with PoE Administrator Guide

Chapter 10.  ACLs 
 
ProSafe 7000 Managed Switch Release 8.0.3 
MAC ACLs
MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect the following fields of a 
packet (limited by platform):
• Source MAC address with mask.
• Destination MAC address with mask.
• VLAN ID (or range of IDs).
• Class of Service (CoS) (802.1p).
• EtherType:
  - Secondary CoS (802.1p).
  - Secondary VLAN (or range of IDs).
• L2 ACLs can apply to one or more interfaces.
• Multiple access lists can be applied to a single interface: the sequence number determines the order of execution.
• You cannot configure a MAC ACL and an IP ACL on the same interface.
• You can assign packets to queues using the assign queue option.
• You can redirect packets using the redirect option.
IP ACLs
IP ACLs classify traffic at Layer 3. Each ACL is a set of up to 10 rules applied to inbound traffic. 
Each rule specifies whether the contents of a given field should be used to permit or deny 
access to the network, and can apply to one or more of the following fields within a packet:
• Source IP address
• Destination IP address
• Source Layer 4 port
• Destination Layer 4 port
• ToS byte
• Protocol number
Note that the order of the rules is important: When a packet matches multiple rules, the first 
rule takes precedence. Also, once you define an ACL for a given port, all traffic not 
specifically permitted by the ACL is denied access.
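The ordering and implicit-deny behaviour described above, modelled as an added Python example (not code from the Netgear manual or firmware). The Rule class, function names and sample addresses are assumptions made for illustration, and only source/destination IP, protocol number and destination port are modelled. shadowed() goes slightly beyond the text by flagging rules that an earlier rule makes unreachable.

```python
# Added illustration, not Netgear code: first-match evaluation with implicit deny.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional

MAX_RULES = 10  # per-ACL rule limit stated in the text above

@dataclass(frozen=True)
class Rule:
    action: str                    # "permit" or "deny"
    src: str = "0.0.0.0/0"         # source IP prefix
    dst: str = "0.0.0.0/0"         # destination IP prefix
    proto: Optional[int] = None    # IP protocol number, None = any
    dport: Optional[int] = None    # destination Layer 4 port, None = any

    def matches(self, pkt: dict) -> bool:
        return (ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt.get("dport")))

def evaluate(acl: List[Rule], pkt: dict) -> str:
    """Action of the first matching rule; implicit deny if none matches."""
    if len(acl) > MAX_RULES:
        raise ValueError("an IP ACL holds at most 10 rules")
    for rule in acl:
        if rule.matches(pkt):
            return rule.action
    return "deny"

def covers(a: Rule, b: Rule) -> bool:
    """True when every packet that matches b also matches a."""
    return (ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and a.proto in (None, b.proto)
            and a.dport in (None, b.dport))

def shadowed(acl: List[Rule]) -> List[int]:
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [i for i, r in enumerate(acl) if any(covers(e, r) for e in acl[:i])]

# Constructed sample data (RFC 5737 documentation addresses).
BLOCK_SSH = Rule("deny", src="192.0.2.0/24", proto=6, dport=22)
ALLOW_LAN = Rule("permit", src="192.0.2.0/24")
SSH_PKT = {"src": "192.0.2.10", "dst": "198.51.100.5", "proto": 6, "dport": 22}
OTHER_PKT = {"src": "203.0.113.7", "dst": "198.51.100.5", "proto": 17, "dport": 53}

if __name__ == "__main__":
    print(evaluate([BLOCK_SSH, ALLOW_LAN], SSH_PKT), evaluate([ALLOW_LAN, BLOCK_SSH], SSH_PKT))
    print(shadowed([ALLOW_LAN, BLOCK_SSH]), evaluate([BLOCK_SSH, ALLOW_LAN], OTHER_PKT))
```

Placing the broad permit first lets SSH through and leaves the deny rule unreachable, which is the kind of ordering mistake worth checking for before an ACL is bound to a port.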
ACL Configuration
To configure ACLs:
1. Create an ACL by specifying a name (MAC ACL) or a number (IP ACL).
2. Add new rules to the ACL.
3. Configure the match criteria for the rules.