Netgear XCM8810 - 8800 SERIES 10-SLOT CHASSIS SWITCH User's Manual
Chapter 13. ACLs
NETGEAR 8800 User Manual
entry DenyNIC {
    if {
        protocol 17;
        destination-port 161;
    } then {
        deny;
        count denyNIC;
    }
}
Applying ACL Policy Files
A policy file intended to be used as an ACL is applied to a port, VLAN, or to all interfaces (the any keyword). Use the name of the policy file for the <aclname> parameter in the CLI command. To apply an ACL policy, use the following command:
configure access-list <aclname> [any | ports <portlist> | vlan <vlanname>]
{ingress | egress}
If you use the any keyword, the ACL is applied to all the interfaces and is referred to as the wildcard ACL. This ACL is evaluated for any ports without specific ACLs, and it is also applied to any packets that do not match the specific ACLs applied to the interfaces.
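The wildcard behaviour described above, modelled in Python as an added example (not code from the NETGEAR manual or the switch software). The DenyTelnet policy, the port names, first-match evaluation within a policy, and forwarding of packets that match nothing are assumptions of this model.

```python
import re

# The DenyNIC entry is the page's own policy text (protocol 17 = UDP, port 161).
DENY_NIC = "entry DenyNIC { if { protocol 17; destination-port 161; } then { deny; count denyNIC; } }"
# Constructed second policy for this example; it does not appear in the manual.
DENY_TELNET = "entry DenyTelnet { if { protocol 6; destination-port 23; } then { deny; count denyTelnet; } }"

ENTRY_RE = re.compile(
    r"entry\s+(\w+)\s*\{\s*if\s*\{(.*?)\}\s*then\s*\{(.*?)\}\s*\}", re.S)

def parse_policy(text):
    """Return [(entry_name, match_conditions, actions)] in file order.
    Handles only two-token conditions such as 'protocol 17'."""
    entries = []
    for name, cond, act in ENTRY_RE.findall(text):
        conds = dict(c.split() for c in cond.split(";") if c.strip())
        acts = [a.strip() for a in act.split(";") if a.strip()]
        entries.append((name, conds, acts))
    return entries

def evaluate(packet, port, port_acls, wildcard, counters):
    """Check the port's own ACL first; a port with no ACL, or a packet that
    matched nothing in the port ACL, is checked against the wildcard ACL."""
    for policy in (port_acls.get(port), wildcard):
        for _name, conds, acts in policy or []:
            if all(str(packet.get(k)) == v for k, v in conds.items()):
                for a in acts:
                    if a.startswith("count "):
                        ctr = a.split()[1]
                        counters[ctr] = counters.get(ctr, 0) + 1
                return "deny" if "deny" in acts else "permit"
    return "permit"  # assumption: a packet matching no entry is forwarded

def demo():
    counters = {}
    port_acls = {"1:1": parse_policy(DENY_TELNET)}  # constructed port with its own ACL
    wildcard = parse_policy(DENY_NIC)               # the ACL applied with "any"
    snmp = {"protocol": 17, "destination-port": 161}
    telnet = {"protocol": 6, "destination-port": 23}
    results = [
        evaluate(telnet, "1:1", port_acls, wildcard, counters),  # hit in port ACL
        evaluate(snmp, "1:1", port_acls, wildcard, counters),    # falls to wildcard
        evaluate(snmp, "1:2", port_acls, wildcard, counters),    # no port ACL
        evaluate(telnet, "1:2", port_acls, wildcard, counters),  # no match anywhere
    ]
    return results, counters

if __name__ == "__main__":
    print(demo())
```

The denyNIC counter increments on both ports because the wildcard entry catches SNMP traffic that the port-specific ACL does not mention.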
If an ACL is already configured on an interface, the command will be rejected and an error message displayed.
To remove an ACL from an interface, use the following command:
unconfigure access-list <policy-name> {any | ports <portlist> | vlan
<vlanname>} {ingress | egress}
To display which interfaces have ACLs configured, and which ACL is on which interface, use the following command:
show access-list {any | ports <portlist> | vlan <vlanname>} {ingress | egress}
This section describes the following topics:
Displaying and Clearing ACL Counters
To display the ACL counters, use the following command:
show access-list counter {<countername>} {any | ports <portlist> | vlan
<vlanname>} {ingress | egress}
To clear the access list counters, use the following command: