Netgear M4300-24X24F (XSM4348S) - Stackable Managed Switch with 48x10G including 24x10GBASE-T and 24xSFP+ Layer 3 Guia Do Administrador
ACLs
210
Managed Switches
3.
Check the configuration using the show running-config command.
Change the Sequence of an ACL Rule
The association of sequence numbers with access control list (ACL) rules can simplify the
process of changing an ACL and can make it easier to identify the rules. Sequence numbers
let you position ACL rule entries within an ACL, resort entries, and remove entries.
process of changing an ACL and can make it easier to identify the rules. Sequence numbers
let you position ACL rule entries within an ACL, resort entries, and remove entries.
You can renumber ACL rule entries to create room to insert a new rule entry. For example,
you can specify a sequence number to insert a rule entry in the middle of an existing ACL.
you can specify a sequence number to insert a rule entry in the middle of an existing ACL.
Each ACL rule entry requires a sequence number: If you do not assign a number manually,
the switch assigns it automatically. The following applies to sequence numbers:
the switch assigns it automatically. The following applies to sequence numbers:
•
If you do not manually assign a sequence number for the rule, the switch automatically
assign a sequence number that is 10 greater than the last sequence number in the ACL,
and the rule is placed at the end of the list. If the rule is the first one in the ACL, a
sequence number of 10 is assigned. If the automatically assigned sequence number
exceeds the maximum possible value, creation of the ACL rule fails.
assign a sequence number that is 10 greater than the last sequence number in the ACL,
and the rule is placed at the end of the list. If the rule is the first one in the ACL, a
sequence number of 10 is assigned. If the automatically assigned sequence number
exceeds the maximum possible value, creation of the ACL rule fails.
•
You cannot create a rule with a sequence number that duplicates an existing sequence
number.
number.
•
If you reboot the switch, the start sequence number and increment number for ACL rules
are not saved.
are not saved.
The following example shows how you can insert an ACL rule, let the switch automatically
assign a sequence number, change the start sequence number and the sequence increment
number (that is, the number by which the sequence increases), and insert an ACL rule at a
particular position:
assign a sequence number, change the start sequence number and the sequence increment
number (that is, the number by which the sequence increases), and insert an ACL rule at a
particular position:
1.
Create an IP ACL named voice_acl without specifying a sequence number.
(Netgear Switch) #show running-config
…………………….
ip access-list acl_voice
remark "permit VOIP packets whose DSCP is EF"
permit ip any any dscp ef
remark "deny all of other packets"
deny ip any any
exit
(Netgear Switch) #config
(Netgear Switch) (Config)#ip access-list voice_acl
(Netgear Switch) (Config-ipv4-acl)#permit ip any any dscp cs5
(Netgear Switch) (Config-ipv4-acl)#permit ip any any dscp ef
(Netgear Switch) (Config-ipv4-acl)#deny ip any any
(Netgear Switch) (Config-ipv4-acl)#exit