Netgear M4300-24X24F (XSM4348S) - Stackable Managed Switch with 48x10G including 24x10GBASE-T and 24xSFP+ Layer 3 Administrator Guide

ACLs 
 Managed Switches
Access Control List Concepts
Access control lists (ACLs) can control the traffic entering a network. Normally ACLs reside in 
a firewall router or in a router connecting two internal networks. When you configure ACLs, 
you can selectively admit or reject inbound traffic, thereby controlling access to your network 
or to specific resources on your network. 
You can set up ACLs to control traffic at Layer 2 or Layer 3. MAC ACLs are used for 
Layer 2. IP ACLs are used for Layer 3. Each ACL contains a set of rules that apply to 
inbound traffic. Each rule specifies whether the contents of a given field should be used to 
permit or deny access to the network, and may apply to one or more of the fields within a 
packet.
The following limitations apply to ACLs. These limitations are platform-dependent.
The maximum number of ACLs is 100.
The maximum number of rules per ACL is 8–10.
Stacking systems do not support redirection.
The system does not support MAC ACLs and IP ACLs on the same interface. 
The system supports ACLs set up for inbound traffic only.
MAC ACLs
MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect the following fields of a 
packet (limited by platform):
Source MAC address with mask.
Destination MAC address with mask.
VLAN ID (or range of IDs).
Class of Service (CoS) (802.1p).
EtherType:
- Secondary CoS (802.1p).
- Secondary VLAN (or range of IDs).
L2 ACLs can apply to one or more interfaces.
Multiple access lists can be applied to a single interface: the sequence number 
determines the order of execution.
You can assign packets to queues using the assign queue option.
You can redirect packets using the redirect option.
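A pre-deployment check of a planned ACL layout against the limitations listed above, as an added example that is not taken from the Netgear guide. The data layout, the function name `lint_acl_plan`, the sample plan, and the reading that a lower sequence number runs first are assumptions; `max_rules` defaults to 8, the lower end of the 8–10 range given above.

```python
from collections import defaultdict

MAX_ACLS = 100  # limit stated on the page

def lint_acl_plan(acls, bindings, stacked=False, max_rules=8):
    """Check a planned ACL layout; return (problems, per-interface order).

    acls:     {name: {"type": "mac" or "ip", "rules": [dict, ...]}}
    bindings: [(interface, acl_name, direction, sequence), ...]
    """
    problems = []
    if len(acls) > MAX_ACLS:
        problems.append(f"{len(acls)} ACLs defined, limit is {MAX_ACLS}")
    for name, acl in acls.items():
        if len(acl["rules"]) > max_rules:
            problems.append(f"{name}: {len(acl['rules'])} rules, limit is {max_rules}")
        if stacked and any(r.get("redirect") for r in acl["rules"]):
            problems.append(f"{name}: redirect is not supported on a stack")
    per_iface = defaultdict(list)
    for iface, name, direction, seq in bindings:
        if name not in acls:
            problems.append(f"{iface}: unknown ACL {name}")
        elif direction != "in":
            problems.append(f"{iface}: {name} bound '{direction}', inbound only")
        else:
            per_iface[iface].append((seq, name))
    order = {}
    for iface, bound in per_iface.items():
        if len({acls[n]["type"] for _, n in bound}) > 1:
            problems.append(f"{iface}: MAC and IP ACLs on the same interface")
        # Assumption: the lower sequence number is evaluated first.
        order[iface] = [n for _, n in sorted(bound)]
    return problems, order

# Constructed sample plan (ACL names and port numbers are made up).
SAMPLE_ACLS = {
    "mac_voice": {"type": "mac", "rules": [{"action": "permit", "vlan": 20, "cos": 5}]},
    "mac_lab": {"type": "mac", "rules": [{"action": "permit", "redirect": "1/0/9"}]},
    "ip_mgmt": {"type": "ip", "rules": [{"action": "permit"}] * 9},
}
SAMPLE_BINDINGS = [
    ("1/0/1", "mac_lab", "in", 20),
    ("1/0/1", "mac_voice", "in", 10),
    ("1/0/2", "mac_voice", "in", 10),
    ("1/0/2", "ip_mgmt", "in", 20),
    ("1/0/3", "ip_mgmt", "out", 10),
]
```

Calling `lint_acl_plan(SAMPLE_ACLS, SAMPLE_BINDINGS, stacked=True)` reports the redirect rule, the oversized ACL, the outbound binding, and the mixed MAC/IP interface in one pass.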