Netgear XCM89UP Command Line Interface CLI User Manual Software Version 11.x - Page 1081
router-solicitation, source-quench
View all Netgear XCM89UP manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 1081 highlights
M5300, M6100, and M7100 Series ProSAFE Managed Switches Table 17. IP ACL command parameters (continued) Parameter Description flag [+fin | -fin] [+syn | -syn] [+rst | -rst] [+psh | -psh] [+ack | -ack] [+urg | -urg] [established] Specifies that the IP ACL rule matches on the tcp flags. When + is specified, a match occurs if specified flag is set in the TCP header. When - is specified, a match occurs if specified flag is NOT set in the TCP header. When established is specified, a match occurs if either the specified RST or ACK bits are set in the TCP header. Two rules are installed in hardware to when the established option is specified. This option is available only if protocol is tcp. [icmp-type icmp-type [icmp-code icmp-code] | icmp-message icmp-message] Note: This option is available only if the protocol is ICMP. Specifies a match condition for ICMP packets. When icmp-type is specified, IP ACL rule matches on the specified ICMP message type, a number from 0 to 255. When icmp-code is specified, IP ACL rule matches on the specified ICMP message code, a number from 0 to 255. Specifying icmp-message implies both icmp-type and icmp-code are specified. The following icmp-message options are supported: echo, echo-reply, host-redirect, mobile-redirect, net-redirect, net-unreachable, redirect, packet-too-big, port-unreachable, source-quench, router-solicitation, router-advertisement, time-exceeded, ttl-exceeded, and unreachable. The ICMP message is decoded into corresponding ICMP type and ICMP code within that ICMP type. igmp-type igmp-type Note: This option is visible only if the protocol is IGMP. When igmp-type is specified, the IP ACL rule matches on the specified IGMP message type, a number from 0 to 255. fragments Specifies that the IP ACL rule matches on noninitial fragmented packets where the fragment extension header contains a nonzero fragment offset. The fragments keyword is an option only if the protocol is ipv6 and the operator port-number arguments are not specified. log Specifies that this rule is to be logged. time-range time-range-name Allows imposing a time limitation on the ACL rule as defined by the parameter time-range-name. If a time range with the specified name does not exist and the ACL containing this ACL rule is applied to an interface or bound to a VLAN, the ACL rule is applied immediately. If a time range with specified name exists and the ACL containing this ACL rule is applied to an interface or bound to a VLAN, the ACL rule is applied when the time-range with specified name becomes active. The ACL rule is removed when the time-range with specified name becomes inactive. assign-queue queue-id Specifies the assign-queue, which is the queue identifier to which packets matching this rule are assigned. Quality of Service Commands 1081