Netgear XCM8810 - 8800 SERIES 10-SLOT CHASSIS SWITCH User's Manual

Chapter 13. ACLs
NETGEAR 8800 User Manual

Note that the description begins with the tag @description and is a text string enclosed in quotes.
You can apply the policy to port 1, using the following command:
configure access-list denyping port 1
and display the policy using the following command:
show policy denyping
The output of this command is similar to the following:
Policies at Policy Server:
Policy: denyping
@description This line is a description for the denyping.pol
entry ping_deny_echo-request {
if match all {
    protocol icmp ;
    icmp-type echo-request ;
}
then {
    deny  ;
    count pingcount_deny ;
}
}
Number of clients bound to policy: 1
Client: acl bound once
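
The following is an added example, not part of the NETGEAR manual: a small Python parser for policy text in the format shown above (a saved .pol file or captured `show policy` output) that lists each entry's match conditions, actions and counters, and flags entries whose match block is empty, since an entry with no match condition matches all packets. The sample input is constructed, and the entry name allow_rest and its permit action are assumptions made for illustration.

```python
import re

# Constructed sample: the denyping output shown above plus a hypothetical
# entry "allow_rest" whose match block is empty.
SAMPLE_POLICY = """
Policies at Policy Server:
Policy: denyping
entry ping_deny_echo-request {
if match all {
    protocol icmp ;
    icmp-type echo-request ;
}
then {
    deny  ;
    count pingcount_deny ;
}
}
entry allow_rest { if match all { } then { permit ; } }
"""

# One entry: name, an "if ... { }" match block, a "then { }" action block.
# Text outside entries (headers, @description lines) is skipped.
ENTRY_RE = re.compile(
    r"entry\s+(?P<name>\S+)\s*\{\s*"
    r"if[^{}]*\{(?P<match>[^{}]*)\}\s*"
    r"then\s*\{(?P<then>[^{}]*)\}\s*\}"
)

def _statements(block):
    """Split a block body into ';'-terminated statements, whitespace-normalized."""
    return [" ".join(s.split()) for s in block.split(";") if s.strip()]

def parse_policy(text):
    """Return one dict per entry: name, match conditions, actions, counters."""
    entries = []
    for m in ENTRY_RE.finditer(text):
        stmts = _statements(m.group("then"))
        entries.append({
            "name": m.group("name"),
            "match": _statements(m.group("match")),
            "actions": [s for s in stmts if not s.startswith("count ")],
            "counters": [s.split()[1] for s in stmts if s.startswith("count ")],
        })
    return entries

def match_all_entries(entries):
    """Entries with no match condition: their actions apply to every packet."""
    return [(e["name"], e["actions"]) for e in entries if not e["match"]]
```

Running `match_all_entries(parse_policy(text))` over a policy before it is applied to a port gives a quick review list of catch-all entries.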

Types of Rule Entries
In XCM8800, each rule can be one of the following types:
•     L2 rule—A rule containing only Layer 2 (L2) matching conditions, such as Ethernet MAC address and Ethernet type
•     L3 rule—A rule containing only Layer 3 (L3) matching conditions, such as source or destination IP address and protocol
•     L4 rule—A rule containing both Layer 3 (L3) and Layer 4 (L4) matching conditions, such as TCP/UDP port number

Match Conditions
You can specify multiple, single, or zero match conditions. If no match condition is specified, all packets match the rule entry. Commonly used match conditions are:
•     ethernet-source-address <mac-address>—Ethernet source address
•     ethernet-destination-address <mac-address> <mask>—Ethernet destination address and mask