NETGEAR L3 Chapter 10 ACL Commands

7000 Series L3 Managed Switch Reference Manual for Software v2.0

ACL Commands 10-1

Chapter 10 ACL Commands

Show Commands

The show commands show the current settings for a command.

show acl summary

This command displays a summary of the Access Control Lists (ACLs) that are associated with

interfaces in the system.

Format show acl summary

ACL ID This field displays the ACL identifier.

Rules This field displays the number of rules that are associated with

this ACL.

Interface(s) This field displays the interface in Slot.Port format that are asso-

ciated with this ACL.

Direction This field displays the packet filtering direction for the ACL on

the interface. The possible values are ‘inbound’ and ‘outbound’.

show acl detailed

This command displays an Access Control List (ACL) and all of the rules that are defined for the

ACL. The <aclid> is the number used to identify the ACL.

Format show acl detailed <aclid>

Rule Number This displays the number identifier for each rule that is defined

for the ACL.

Action This displays the action associated with each rule. The possible

values are Permit or Deny.

Protocol This displays the protocol to filter for this rule.

Source IP Address This displays the source IP address for this rule.

Contents

Main Technical Support Please register to obtain technical support Trademarks Statement of Conditions Regulatory Compliance Information Page Page Contents Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Chapter 1 About This Guide About this Manual Organization of This Manual Typographical Conventions Special Message Formats How to Navigate this Manual How to Print this Manual Chapter 2 Switch Management Overview Switch Management Overview 2-2 Switch Management Overview Table 2-1. Comparing Switch Management Methods Chapter 3 Administration Console Telnet Interface Setting Up Your Switch Using Direct Console Access Page Introduction to the Command Menu Interface Page Chapter 4 Web-Based Management Interface How to Log In to the GSM73xx Web-Based Management Utility Introduction Interactive Switch Image Menus Page Page Page Chapter 5 Command Line Interface Syntax CLI Command Format CLI Command Values ipAddr macAddr areaid routerid CLI Annotations ipAddr macAddr Page Chapter 6 Quick Startup Quick Starting the Switch Software Version Information 6-2 Quick Startup Physical Port Data Table 6-2. Quick Start Up Physical Port Data User Account Management Slot Options 0 - The slots on the front of the switch (10/100 ports) Port Options Table 6-3. Quick Start Up User Account Management IP Address Uploading from Switch to Out-of-Band PC (Only XMODEM) Downloading from Out-of-Band PC to Switch (Only XMODEM) Quick Startup 6-5 config - configuration file errorlog - error log system trace - system trace traplog - trap log Table 6-6. Quick Start up Downloading from Out-of-Band PC to Switch (Only XMODEM) Table 6-5. Quick Start Up Uploading from Switch to Out-of-Band PC (Only XMODEM) Downloading from TFTP Server Factory Defaults Basic Configuration Examples Port Routing, RIP, and OSPF Configuration The config commands used in the following example enable OSPF on ports 0.1 and 0.2 RIP and OSPF VLAN Routing Quick Startup 6-9 Table 6-12. VLAN Routing RIP Configuration 6-10 Quick Startup This example creates two router ports to run OSPF. Table 6-13. VLAN Routing OSPF Configuration VLAN Example SOLUTION 1 SOLUTION 2 Chapter 7 Switching Commands System Information and Statistics Commands show inventory show sysinfo config sysname config syslocation config syscontact show arp switch show forwardingdb table show stats port detailed Page Page Page Page Page show stats port summary show stats switch detailed Page show stats switch summary show eventlog show msglog show traplog Management Commands show network config network parms config network protocol config network webmode config network javamode config prompt show serial config serial baudrate config serial timeout config snmpcommunity accessmode config snmpcommunity create config snmpcommunity delete config snmpcommunity ipaddr config snmpcommunity ipmask config snmpcommunity mode show snmptrap config snmptrap create config snmptrap delete config snmptrap ipaddr config snmptrap mode show trapflags config trapflags authentication config trapflags bcaststorm config trapflags linkmode config trapflags multiusers config trapflags stpmode show telnet config telnet maxsessions config telnet mode config telnet timeout show forwardingdb agetime config forwardingdb agetime Device Configuration Commands show switchconfig config switchconfig broadcast config switchconfig flowcontrol show port config port adminmode config port linktrap config port physicalmode config port lacpmode config port autoneg show lag config lag create config lag addport config lag deleteport config lag adminmode config lag linktrap config lag name config lag deletelag config lag stpmode show vlan summary show vlan detailed config vlan create config vlan delete config vlan name config vlan makestatic config vlan participation config vlan port tagging show vlan port config vlan port pvid config vlan port acceptframe config vlan port ingressfilter show protocol config protocol create config protocol delete config protocol protocol add config protocol protocol remove config protocol vlan add config protocol vlan remove config protocol interface add config protocol interface remove show garp info show garp interface Page config garp gmrp adminmode config garp gmrp interfacemode config garp gvrp adminmode config garp gvrp interfacemode config garp jointimer config garp leavetimer config garp leavealltimer show igmpsnooping config igmpsnooping adminmode config igmpsnooping groupmembershipinterval config igmpsnooping maxresponse config igmpsnooping mcrtrexpiretime config igmpsnooping interface mode show mfdb table show mfdb gmrp show mfdb igmpsnooping show mfdb staticfiltering show mfdb stats show mirroring config mirroring create config mirroring delete config mirroring mode show macfilter config macfilter create config macfilter remove config macfilter addsrc config macfilter delsrc config macfilter adddest config macfilter deldest Spanning Tree Commands show spanningtree summary config spanningtree adminmode config spanningtree forceversion config spanningtree configuration name config spanningtree configuration revision show spanningtree port config spanningtree port bpdumigrationcheck config spanningtree port mode show spanningtree bridge config spanningtree bridge maxage config spanningtree bridge hellotime config spanningtree bridge forwarddelay config spanningtree bridge priority show spanningtree cst detailed show spanningtree cst port summary show spanningtree cst port detailed config spanningtree cst port pathcost config spanningtree cst port priority config spanningtree cst port edgeport config spanningtree mst create config spanningtree mst delete config spanningtree mst vlan add config spanningtree mst vlan remove config spanningtree mst priority config spanningtree mst port pathcost config spanningtree mst port priority show spanningtree mst summary show spanningtree mst detailed show spanningtree mst port summary show spanningtree mst port detailed show spanningtree vlan User Account Management Commands show users config users add config users passwd config users delete config users snmpv3 authentication config users snmpv3 encryption config users snmpv3 accessmode show loginsession config loginsession close Security Commands config radius maxretransmit config radius timeout config radius accounting mode config radius accounting server add config radius accounting server port config radius accounting server remove config radius accounting server secret config radius server add config radius server port config radius server remove config radius server secret config radius server primary config radius server msgauth show radius summary show radius server summary show radius server stats show radius accounting summary show radius accounting stats Page config dot1x port controldir config dot1x port controlmode config dot1x port quietperiod config dot1x port transmitperiod config dot1x port supptimeout config dot1x port servertimeout config dot1x port maxrequests config dot1x port reauthperiod config dot1x port reauthenabled show dot1x summary show dot1x port summary show dot1x port detailed Page show dot1x port stats clear dot1x port stats config authentication login create config authentication login delete config authentication login set config dot1x defaultlogin config dot1x login config dot1x port users add config dot1x port users remove config users defaultlogin config users login show authentication login info show authentication login users System Utilities save config logout transfer upload mode transfer upload serverip transfer upload path transfer upload filename transfer upload datatype transfer upload start transfer download mode transfer download serverip transfer download path transfer download filename transfer download datatype transfer download start clear transfer Page clear stats switch clear igmpsnooping reset system ping Page Chapter 8 Routing Commands Routing Commands show arp table config arp agetime config arp cachesize config arp create config arp delete config arp resptime config arp retries show ip interface config interface encaps config interface routing config ip interface mtu config ip interface netdirbcast config ip interface create config ip interface delete show ip summary config ip forwarding show ip stats config routing show ip vlan config ip vlan routing create config ip vlan routing delete show router ip interface summary show router ospf info config router id config trapflags ospf config router ospf adminmode config router ospf asbr config router ospf preference show router ospf interface info show router ospf interface stats show router ospf interface summary config router ospf interface areaid config router ospf interface authtypekey config router ospf interface interval dead config router ospf interface interval hello config router ospf interface interval retransmit config router ospf interface iftransitdelay config router ospf interface mode config router ospf interface priority config router ospf interface cost show router ospf area info show router ospf area range config router ospf area range create config router ospf area range delete config router ospf area stub metric value config router ospf area stub metric type config router ospf area stub summarylsa config router ospf area stub create config router ospf area stub delete config router ospf area delete show router ospf neighbor detailed show router ospf neighbor table show router ospf stub table show router ospf lsdb summary show router rip info show router rip interface detailed show router rip interface summary config router rip adminmode config router rip preference config router rip interface authtypekey config router rip interface defaultmetric config router rip interface mode config router rip interface version receive config router rip interface version send show router ospf virtif detailed show router ospf virtif summary config router ospf virtif create config router ospf virtif delete config router ospf virtif authtypekey config router ospf virtif transdelay config router ospf virtif interval dead config router ospf virtif interval hello config router ospf virtif interval retransmit config router ospf exoverflowinterval config router ospf extlsdblimit show router route table show router route bestroutes show router route entry show router route preferences config router route create config router route delete config router route preference config router route default create config router route default delete show router vrrp info config router vrrp adminmode show router vrrp interface detailed show router vrrp interface summary show router vrrp interface stats config router vrrp interface adminmode config router vrrp interface routerID config router vrrp interface priority config router vrrp interface ipaddress config router vrrp interface preemptmode config router vrrp interface advinterval config router vrrp interface authdetails config router vrrp removedetails config router rtrdiscovery adminmode config router rtrdiscovery maxinterval config router rtrdiscovery mininterval config router rtrdiscovery lifetime config router rtrdiscovery address config router rtrdiscovery preference show router rtrdiscovery show router bootpdhcprelay config router bootpdhcprelay circuitidoptionmode config router bootpdhcprelay adminmode config router bootpdhcprelay maxhopcount config router bootpdhcprelay minwaittime config router bootpdhcprelay serverip Page Chapter 9 CLI Commands: Differentiated Services General Commands config diffserv adminmode Class Commands config diffserv class create acl config diffserv class create all config diffserv class create any config diffserv class delete config diffserv class rename config diffserv class match cos config diffserv class match dstip config diffserv class match dstl4port keyword config diffserv class match dstl4port number config diffserv class match dstl4port range config diffserv class match dstmac config diffserv class match every config diffserv class match ipdscp config diffserv class match ipprecedence config diffserv class match iptos config diffserv class match protocol keyword config diffserv class match protocol number config diffserv class match refclass config diffserv class match srcip config diffserv class match srcl4port keyword config diffserv class match srcl4port number config diffserv class match srcl4port range config diffserv class match srcmac config diffserv class match vlan Policy Commands config diffserv policy create config diffserv policy delete config diffserv policy rename config diffserv policy class add config diffserv policy class remove config diffserv policy bandwidth kbps config diffserv policy bandwidth percent config diffserv policy expedite kbps config diffserv policy expedite percent config diffserv policy mark cos config diffserv policy mark ipdscp config diffserv policy mark ipprecedence config diffserv policy police action conform drop config diffserv policy police action conform markdscp config diffserv policy police action conform markprec config diffserv policy police action conform send config diffserv policy police action exceed drop config diffserv policy police action exceed markdscp config diffserv policy police action exceed markprec config diffserv policy police action exceed send config diffserv policy police action nonconform drop config diffserv policy police action nonconform markdscp config diffserv policy police action nonconform markprec config diffserv policy police action nonconform send config diffserv policy police style simple config diffserv policy police style singlerate config diffserv policy police style tworate config diffserv policy randomdrop config diffserv policy shape average config diffserv policy shape peak Service Commands config diffserv service add config diffserv service remove Show Commands show diffserv class detailed show diffserv class summary show diffserv info show diffserv policy detailed Page show diffserv policy summary show diffserv service info detailed show diffserv service info summary show diffserv service stats detailed Page show diffserv service stats summary Page Chapter 10 ACL Commands Show Commands show acl summary show acl detailed Config Commands config acl create config acl delete config acl rule create config acl rule delete config acl rule action config acl rule match dstip config acl rule match dstl4port keyword config acl rule match dstl4port range config acl rule match every config acl rule match ipdscp config acl rule match ipprecedence config acl rule match iptos config acl rule match protocol keyword config acl rule match protocol number config acl rule match srcip config acl rule match srcl4port keyword config acl rule match srcl4port range config acl interface add config acl interface remove Appendix A Cabling Guidelines Fast Ethernet Cable Guidelines Category 5 Cable Category 5 Cable Specifications Twisted Pair Cables Patch Panels and Cables Using 1000BASE-T Gigabit Ethernet over Category 5 Cable Cabling Near End Cross Talk (NEXT) Patch Cables RJ-45 Plug and RJ-45 Connectors Page Conclusion Appendix B 802.1x Port-Based Authentication Overview Page Page Page Appendix C Glossary Use the list below to find definitions for technical terms used in this manual. Numeric A Page B C Page D E F G H I Page J L M Page Page N and information on l O P Page Q R S Page T U V W X Page Page Index Index 1 A B C 2Index Index 3 D F G H 4Index I J L M N S 6Index T U Index 7 V W X Z