Netgear S3300-28X (GS728TX) - ProSAFE S3300 Smart Switch Series 관리자 가이드
Managing Device Security
264
S3300 Smart Switch
-
Select one of the keyword from the list: DOMAIN, ECHO, FTP, FTPDATA, HTTP,
SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its
equivalent port number, which is used as both the start and end of the port range.
SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its
equivalent port number, which is used as both the start and end of the port range.
•
Flow Label. Flow label is 20-bit number that is unique to an IPv6 packet, used by end
stations to signify quality-of-service handling in routers. Flow label can be specified
within the range (0 to 1048575).
stations to signify quality-of-service handling in routers. Flow label can be specified
within the range (0 to 1048575).
•
IPv6 DSCP Service. Specify the IP DiffServ Code Point (DSCP) field. The DSCP is
defined as the high-order six bits of the Service Type octet in the IPv6 header. This is
an optional configuration. Enter an integer from 0 to 63. The IPv6 DSCP is selected
by possibly selection one of the DSCP keyword from a drop-down menu. If a value is
to be selected by specifying its numeric value, then select the Other option in the
drop-down menu and a text box will appear where the numeric value of the DSCP can
be entered.
defined as the high-order six bits of the Service Type octet in the IPv6 header. This is
an optional configuration. Enter an integer from 0 to 63. The IPv6 DSCP is selected
by possibly selection one of the DSCP keyword from a drop-down menu. If a value is
to be selected by specifying its numeric value, then select the Other option in the
drop-down menu and a text box will appear where the numeric value of the DSCP can
be entered.
6.
Click the Apply button.
To delete an IPv6 rule:
1.
On the IPv6 Rules screen in the ACL Name list, select the name of the ACL that
includes the rule to remove.
includes the rule to remove.
2.
In the IPv6 Rule Table, select the check box of the rule to delete.
3.
Click the Delete button.
IP Binding Configuration
When an ACL is bound to an interface, all the rules that have been defined are applied to the
selected interface. Use the IP Binding Configuration screen to assign ACL lists to ACL
Priorities and Interfaces.
selected interface. Use the IP Binding Configuration screen to assign ACL lists to ACL
Priorities and Interfaces.
To bind an IP ACL to one or more interfaces:
1.
Select Security
ACL > Advanced
IP Binding Configuration.
2.
From the ACL ID list, select an existing IP ACL in which you want to add an IP ACL interface
binding.
binding.
The packet filtering direction for ACL is Inbound, which means the IP ACL rules are
applied to traffic entering the port.
applied to traffic entering the port.
3.
(Optionally) In the Sequence Number field, specify a sequence number to indicate the order
of this access list relative to other access lists already assigned to this interface and
direction.
of this access list relative to other access lists already assigned to this interface and
direction.
A low number indicates high precedence order. If a sequence number is already in use
for this interface and direction, then the specified access list replaces the currently
attached access list using that sequence number. If the sequence number is not specified
by the user, then a sequence number that is one greater than the highest sequence
number currently in use for this interface and direction will be used. The valid range is
1–4294967295.
attached access list using that sequence number. If the sequence number is not specified
by the user, then a sequence number that is one greater than the highest sequence
number currently in use for this interface and direction will be used. The valid range is
1–4294967295.
4.
Click the appropriate icon to expose the available ports or LAGs.