GS716Tv2 and GS724Tv3 Software Administration Manual

Protocol Type. Requires a packet’s protocol to match the protocol listed here. Select a type from the drop down menu or enter the protocol number in the available field.

Src IP Address. Requires a packet’s source IP address to match the address listed here. Type an IP Address in the appropriate field using dotted-decimal notation. The address you enter is compared to a packet's source IP Address.

Src IP Mask. Specifies the source IP address wildcard mask. Wild card masks determines which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all of the bits are important. Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, you type 0.0.0.255 in the Source IP Mask field. This field is required when you configure a source IP address.

Src L4 Port. Requires a packet’s TCP/UDP source port to match the port listed here. Click Complete one of the following fields:

Source L4 Keyword: Select the desired L4 keyword from a list of source ports on which the rule can be based.

Source L4 Port Number: If the source L4 keyword is Other, enter a user-defined Port ID by which packets are matched to the rule.

Dst IP Address. Requires a packet’s destination port IP address to match the address listed here. Enter an IP Address in the appropriate field using dotted-decimal notation. The address you enter is compared to a packet's destination IP Address.

Dst IP Mask. Specifies the destination IP address wildcard mask. Wild card masks determines which bits are used and which bits are ignored. A wild card mask of 255.255.255.255 indicates that no bit is important. A wildcard of 0.0.0.0 indicates that all of the bits are important. Wildcard masking for ACLs operates differently from a subnet mask. A wildcard mask is in essence the inverse of a subnet mask. For example, to apply the rule to all hosts in the 192.168.1.0/24 subnet, you type 0.0.0.255 in the Source IP Mask field. This field is required when you configure a source IP address.

Dst L4 Port. Requires a packet’s TCP/UDP destination port to match the port listed here. Complete one of the following fields:

Destination L4 Keyword: Select the desired L4 keyword from a list of destination ports on which the rule can be based.

Destination L4 Port Number: If the destination L4 keyword is Other, enter a

user-defined Port ID by which packets are matched to the rule.

Service Type. Choose one of the Service Type match conditions for the extended IP ACL rule. The possible values are IP DSCP, IP precedence, and IP TOS, which are alternative ways of specifying a match criterion for the same Service Type field in the IP header, however each uses a different user notation. After you select the service type, specify the value associated with the type.

IP DSCP: Specify the IP DiffServ Code Point (DSCP) value. The DSCP is defined as the high-order six bits of the Service Type octet in the IP header. Select an IP

Chapter 5: Managing Device Security 195

Page 194 Page 196
Page 195
Image 195
NETGEAR GS724TS-100NAS manual GS716Tv2 and GS724Tv3 Software Administration Manual
Page 194 Page 196
Top Page Image Contents