Netgear GSM4328PB CLI Manual Software Version 12.x - Page 975
ip access-group, deny all
View all Netgear GSM4328PB manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 975 highlights
M4300 Intelligent Edge Series Fully Managed Stackable Switches Table 14. IP ACL command parameters (continued) Parameter Description assign-queue queue-id Specifies the assign-queue, which is the queue identifier to which packets matching this rule are assigned. [{mirror | redirect} {unit/slot/port | lag lag-group-id}] Specifies the mirror or redirect interface that is the unit/slot/port or lag-group-id to which packets matching this rule are copied or forwarded. rate-limit rate burst-size Specifies the allowed rate of traffic as per the configured rate in kbps, and burst-size in kbytes. Command example: (NETGEAR Switch) (Config)#ip access-list ip1 (NETGEAR Switch) (Config-ipv4-acl)#permit icmp any any rate-limit 32 16 (NETGEAR Switch) (Config-ipv4-acl)#exit no sequence-number (IP ACL) Use this command to remove the ACL rule with the specified sequence number from the ACL. Format Modes no sequence-number MAC-Access-List Config ip access-group This command either attaches a specific IP Access Control List (ACL) identified by accesslistnumber or name to an interface, range of interfaces, or all interfaces; or associates it with a VLAN ID in a given direction. The parameter name is the name of the Access Control List. An optional sequence number may be specified to indicate the order of this IP access list relative to other IP access lists already assigned to this interface and direction. A lower number indicates higher precedence order. If a sequence number is already in use for this interface and direction, the specified access list replaces the currently attached IP access list using that sequence number. If the sequence number is not specified for this command, a sequence number that is one greater than the highest sequence number currently in use for this interface and direction is used. An optional control-plane is specified to apply the ACL on CPU port. The IPv4 control packets like RADIUS and TACACS+ are also dropped because of the implicit deny all rule added at the end of the list. To overcome this, permit rules must be added to allow the IPv4 control packets. Quality of Service Commands 975 CLI Command Reference Manual