NETGEAR M4350-24F4V 24-Port 10G SFP+ Managed AV Network Switch User Manual
Page 809
If no rules exists, the Basic ACL Rule Table shows the message
No rules have been
configured for this ACL
. If one or more rule exists for the ACL, the rules display in
the Basic ACL Rule Table.
6. From the ACL ID menu, select the IP ACL for which you want to add or a change a
rule.
For basic IP ACLs, this must be an ID in the range from 1 to 99.
7. Click the Add button.
The page that displays lets you configure the basic (standard) ACL rule.
8. Specify the following match criteria for the rule:
•
Sequence Number: Enter an ACL sequence number in the range from 1 to
2147483647 that is used to identify the rule. An IP ACL can contain up to 50 rules.
•
Action: Select the ACL forwarding action, which is one of the following:
-
Permit: Forward packets that meet the ACL criteria.
Egress Queue: If the selection form the Action menu is Permit, you can
specify the hardware egress queue identifier that is used to handle all packets
matching this IP ACL rule. The range of queue IDs is from 0 to 6.
-
Deny: Drop packets that meet the ACL criteria.
Logging: If the selection from the Action menu is Deny, you can enable
logging for the ACL by selecting the Enable radio button. (Logging is subject
to resource availability on the switch.)
•
Match Every: Select one of the radio buttons to specify whether all packets must
match the selected IP ACL rule:
-
Enable: All packets must match the selected IP ACL rule and are either
permitted or denied.
-
Disable: Not all packets need to match the selected IP ACL rule.
•
Mirror Interface: From the menu, select the egress interface to which the
matching traffic stream must be copied, in addition to being forwarded normally
by the switch.
You can either select a mirror interface or a redirect interface. These options are
mutually exclusive.
•
Redirect Interface: From the menu, select the egress interface to which the
matching traffic stream must be redirected, bypassing any forwarding decision
normally performed by the switch.
You can either select a redirect interface or a mirror interface. These options are
mutually exclusive.
•
Src IP Address: Specify an IP address using dotted-decimal notation to be
compared to a packet’s source IP address as a match criterion for the selected
IP ACL rule.
Main User Manual
809
Manage Switch Security
Fully Managed Switches M4350 Series Main User Manual