Netgear GS752TXS - Stackable Smart Gigabit Ethernet Switch 관리자 가이드
233
GS752TXS and GS728TXS Smart Switches
-
Permit
. Forwards packets which meet the ACL criteria.
-
Deny
. Drops packets which meet the ACL criteria.
•
Egress Queue
. Specifies the hardware egress queue identifier used to handle all
packets matching this ACL rule.
•
Logging
. When set to Enable, logging is enabled for this ACL rule (subject to
resource availability in the device). If the Access List Trap Flag is also enabled, then
this causes periodic traps to be generated indicating the number of times this rule was
hit during the current report interval. A fixed 5-minute report interval is used for the
entire system. A trap is not issued if the ACL rule hit count is zero for the current
interval. This field is visible for a Deny action.
this causes periodic traps to be generated indicating the number of times this rule was
hit during the current report interval. A fixed 5-minute report interval is used for the
entire system. A trap is not issued if the ACL rule hit count is zero for the current
interval. This field is visible for a Deny action.
•
Match Every
. Requires a packet to match the criteria of this ACL. Select True or
False from the drop-down menu. Match Every is exclusive to the other filtering rules,
so if Match Every is True, the other rules on the screen are not available.
so if Match Every is True, the other rules on the screen are not available.
•
Src IP Address
. Requires a packet’s source IP address to match the address listed
here. Enter an IP Address in the appropriate field using dotted-decimal notation. The
address you enter is compared to a packet's source IP Address.
address you enter is compared to a packet's source IP Address.
•
Src IP Mask
. Specifies the source IP address wildcard mask. Wild card masks
determine which bits are used and which bits are ignored. A wild card mask of
255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that
all of the bits are important. Wildcard masking for ACLs operates differently from a
subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For
example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, enter 0.0.0.255 in
the Source IP Mask field. This field is required when you configure a source IP
address.
255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that
all of the bits are important. Wildcard masking for ACLs operates differently from a
subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For
example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, enter 0.0.0.255 in
the Source IP Mask field. This field is required when you configure a source IP
address.
6.
Click Apply.
To modify the match criteria for an ACL rule:
1.
From the ACL Name list on the IP Rules screen, select the ACL that includes the rule to
update.
2.
In the Basic ACL Rule Table, click the rule ID.
The rule ID is a hyperlink to the Standard ACL Rule Configuration screen.
3.
Modify the ACL rule information.
4.
Click Apply.
To delete and IP ACL rule:
1.
In the Basic ACL Rule Table on the IP Rules screen, select the check box associated with
the rule to remove.
2.
Click Delete.
IP Extended Rules
Use the IP Extended Rules screen to define rules for IP-based extended ACLs. The access
list definition includes rules that specify whether traffic matching the criteria is forwarded
normally or discarded.
list definition includes rules that specify whether traffic matching the criteria is forwarded
normally or discarded.