Netgear GSM4328PB CLI Manual Software Version 12.x - Page 968
Specifying host A.B.C.D implies, packet-too-big
View all Netgear GSM4328PB manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 968 highlights
M4300 Intelligent Edge Series Fully Managed Stackable Switches Parameter Description dstip dstmask |any | host dstip Specifies a destination IP address and netmask for match condition of the IP ACL rule. Specifying any implies specifying dstip as 0.0.0.0 and dstmask as 255.255.255.255. Specifying host A.B.C.D implies dstip as A.B.C.D and dstmask as 0.0.0.0. [precedence precedence | tos tos Specifies the TOS for an IP ACL rule depending on a match of precedence [tosmask] | dscp dscp] or DSCP values using the parameters precedence, tos or dscp. tosmask is an optional parameter. flag [+fin | -fin] [+syn | -syn] [+rst | -rst] [+psh | -psh] [+ack | -ack] [+urg | -urg] [established] Note: This option is available only if the protocol is tcp. Specifies that the IP ACL rule matches on the TCP flags. When + is specified, a match occurs if the specified flag is set in the TCP header. When - is specified, a match occurs if the specified flag is not set in the TCP header. When established is specified, a match occurs if the specified RST or ACK bits are set in the TCP header. Two rules are installed in the hardware when the established option is specified. [icmp-type icmp-type [icmp-code icmp-code] | icmp-message icmp-message] Note: This option is available only if the protocol is icmp. Specifies a match condition for ICMP packets. When icmp-type is specified, the IP ACL rule matches on the specified ICMP message type, a number from 0 to 255. When icmp-code is specified, the IP ACL rule matches on the specified ICMP message code, a number from 0 to 255. Specifying icmp-message implies that both icmp-type and icmp-code are specified. The following icmp-message options are supported: echo, echo-reply, host-redirect, mobile-redirect, net-redirect, net-unreachable, redirect, packet-too-big, port-unreachable, source-quench, router-solicitation, router-advertisement, time-exceeded, ttl-exceeded, and unreachable. igmp-type igmp-type This option is available only if the protocol is igmp. When igmp-type is specified, the IP ACL rule matches on the specified IGMP message type, a number from 0 to 255. fragments Specifies that the IP ACL rule matches on fragmented IP packets. [log] Specifies that this rule is to be logged. [time-range time-range-name] Allows imposing time limitation on the ACL rule as defined by the parameter time-range-name. If a time range with the specified name does not exist and the ACL containing this ACL rule is applied to an interface or bound to a VLAN, then the ACL rule is applied immediately. If a time range with specified name exists and the ACL containing this ACL rule is applied to an interface or bound to a VLAN, the ACL rule is applied when the time-range with specified name becomes active. The ACL rule is removed when the time-range with specified name becomes inactive. For information about configuring time ranges, see Time Range Commands for Time-Based ACLs on page 990. Quality of Service Commands 968 CLI Command Reference Manual