Netgear M4100-26-POE (FSM7226Pv1h1) - 24‐port FE + 2 GE Combo L2 Managed PoE Switch 管理者ガイド
ACLs
79
ProSAFE M4100 Managed Switches
IP ACLs
IP ACLs classify for Layer 3. Each ACL is a set of up to 10 rules applied to inbound traffic.
Each rule specifies whether the contents of a given field should be used to permit or deny
access to the network, and can apply to one or more of the following fields within a packet:
Each rule specifies whether the contents of a given field should be used to permit or deny
access to the network, and can apply to one or more of the following fields within a packet:
•
Source IP address
•
Destination IP address
•
Source Layer 4 port
•
Destination Layer 4 port
•
ToS byte
•
Protocol number
Note that the order of the rules is important: When a packet matches multiple rules, the first
rule takes precedence. Also, once you define an ACL for a given port, all traffic not
specifically permitted by the ACL is denied access.
rule takes precedence. Also, once you define an ACL for a given port, all traffic not
specifically permitted by the ACL is denied access.
ACL Configuration
To configure ACLs:
1.
Create an ACL by specifying a name (MAC ACL) or a number (IP ACL).
2.
Add new rules to the ACL.
3.
Configure the match criteria for the rules.
4.
Apply the ACL to one or more interfaces.
Set Up an IP ACL with Two Rules
This section shows you how to set up an IP ACL with two rules, one applicable to TCP traffic
and one to UDP traffic. The content of the two rules is the same. TCP and UDP packets will
be accepted by the M4100 Managed Switch only if the source and destination stations have
IP addresses within the defined sets.
and one to UDP traffic. The content of the two rules is the same. TCP and UDP packets will
be accepted by the M4100 Managed Switch only if the source and destination stations have
IP addresses within the defined sets.