Config acl rule match srcl4port keyword | NETGEAR L3 specs

7000 Series L3 Managed Switch Reference Manual for Software v2.0

config acl rule match srcl4port keyword

This command specifies a source layer 4 port match condition for an ACL rule referenced by the <aclid> and <rulenum>. The <portkey> uses a single keyword notation and has the possible values of domain, echo, ftp, ftpdata, http, smtp, snmp, telnet, tftp, and www. Each of these values translates into its equivalent port number, which is used as both the start and end of the port range.

This command and the config acl match srcl4port range command are two methods of specifying the source layer 4 port range as a match condition. Either command can be used to configure or modify the source layer 4 port range.

Format config acl rule match srcl4port keyword <aclid> <rulenum> <portkey>

config acl rule match srcl4port range

This command specifies a packet’s source layer 4 port match condition for an ACL rule referenced by the <aclid> and <rulenum>. The <startport> and <endport> parameters identify the first and last ports that are part of the port range and have values from 0 to 65535. The ending port must have a value equal or greater than the starting port. The starting port, ending port, and all ports in between will be part of the contiguous source port range.

Either the this command or config acl match srcl4port keyword can be used to specify a source layer 4 port range as a match criterion.

Format config acl rule match srcl4port range <aclid> <rulenum> <startport> <endport>

config acl interface add

This command associates an ACL with an interface in the specified direction. The <direction> parameter can have the values of in or out. The <aclid> parameter specifies the ACL to add.

Format config acl interface add <slot.port> <direction> <aclid>

ACL Commands

10-7

Image 223

NETGEAR L3 manual Config acl rule match srcl4port keyword, Config acl rule match srcl4port range, Config acl interface add

Contents

Series L3 Managed Switch Reference Manual for Software Technical Support Canadian Department of Communications Compliance Statement Page Contents Chapter Quick Startup Page Viii Contents Page Page Security Commands System Utilities Chapter Routing Commands Xiv Contents Contents Chapter CLI Commands Differentiated Services Contents Xvii Chapter ACL Commands Appendix a Cabling Guidelines Index Organization of This Manual About this Manual Special Message Formats Typographical Conventions Html version of this manual How to Navigate this Manual How to Print this Manual Chapter Switch Management Overview Comparing Switch Management Methods Setting Up Your Switch Using Direct Console Access Administration Console Telnet Interface Connection Description Connection Settings Introduction to the Command Menu Interface ESC Chapter Web-Based Management Interface GSM73xx IP address in browser address bar How to Log In to the GSM73xx Web-Based Management Utility Introduction User name/password dialog box GSM7312 System information Interactive Switch Image Menus GSM7324 Interactive switch image System-Wide Popup Menus Switch popup menus Port-Specific Popup Menus 10 Switch popup menus Series L3 Managed Switch Reference Manual for Software Config lag deleteport is the command name CLI Command FormatConfig network parms is the command name Example 2 config syslocation location CLI Command Conventions CLI Command Values MacAddr CLI Annotations Series L3 Managed Switch Reference Manual for Software Software Version Information Quick Starting the Switch User Account Management Physical Port Data IP Address Config users passwd user Switch Image on Uploading from Switch to Out-of-Band PC Only Xmodem Traplog trap log Downloading from Out-of-Band PC to Switch Only Xmodem Downloading from Tftp Server Factory Defaults Port Routing, RIP, and Ospf Configuration Basic Configuration Examples RIP and Ospf Vlan Routing 11. Ospf Configuration Example Series L3 Managed Switch Reference Manual for Software This example creates two router ports to run Ospf Creating the VLANs Vlan Example Solution Show inventory System Information and Statistics CommandsText used to identify the product name of this switch Show inventory Show sysinfo Config sysnameConfig syslocation Show sysinfo Show forwardingdb table Config syscontactShow arp switch Show arp switch Show stats port detailed slot.port Show stats port detailedPackets Received 64 Octets The total number of packets Series L3 Managed Switch Reference Manual for Software Packets Received with Series L3 Managed Switch Reference Manual for Software Broadcast Packets Transmitted The total number of packets Packets Transmitted 256-511 Octets The total numberPackets Transmitted 512-1023 Octets The total number Multicast Packets Transmitted The total number of packets 802.3x Pause Frames Received a count of MAC Control Show stats port summary slot.port Show stats port summary Show stats switch detailed Show stats switch detailed Series L3 Managed Switch Reference Manual for Software Line number of the event Show stats switch summaryShow eventlog File in which the event originated Event code Show msglogShow traplog Task ID of the event Show network Management CommandsConfig network parms Config network protocol Show serial Config network webmodeConfig network javamode Config prompt 9600 Config serial baudrateConfig serial timeout Config snmpcommunity accessmode Config snmpcommunity ipmask Config snmpcommunity createConfig snmpcommunity delete Config snmpcommunity ipaddr Config snmptrap create Config snmpcommunity modeShow snmptrap Show trapflags Config snmptrap deleteConfig snmptrap ipaddr Config snmptrap mode Config trapflags bcaststorm Config trapflags authenticationConfig trapflags linkmode Show telnet Config trapflags multiusersConfig trapflags stpmode Config telnet maxsessions Show forwardingdb agetime fdbidall Config telnet modeConfig telnet timeout Show forwardingdb agetime Config switchconfig broadcast Device Configuration CommandsConfig forwardingdb agetime Show switchconfig Able Config switchconfig flowcontrol Show port Config port adminmode Config port autoneg Config port linktrapConfig port physicalmode Config port lacpmode Show lag logical slot.portall Config lag createConfig lag addport Show lag Config lag name Config lag deleteportConfig lag adminmode Config lag linktrap Show vlan summary Config lag deletelagConfig lag stpmode Show vlan summary Show vlan detailed Config vlan detailed vlan id, where the ID is a Config vlan makestatic Config vlan createConfig vlan delete Config vlan name Config vlan port tagging Config vlan participationShow vlan port Config vlan port acceptframe Config vlan port pvidAdmit All Config vlan port acceptframe allvlan Config vlan port ingressfilterConfig protocol create Config protocol delete Config protocol vlan remove Config protocol protocol addConfig protocol protocol remove Config protocol vlan add Show garp interface Config protocol interface addConfig protocol interface remove Show garp info Specifies the interval between the transmission of Garp PDUs Config garp gvrp interfacemode Config garp gmrp adminmodeConfig garp gmrp interfacemode Config garp gvrp adminmode Config garp leavetimer Config garp jointimerConfig garp leavealltimer Show igmpsnooping Config igmpsnooping adminmode Config igmpsnooping interface mode Config igmpsnooping groupmembershipintervalConfig igmpsnooping maxresponse Config igmpsnooping mcrtrexpiretime Show mfdb gmrp Show mfdb table Show mfdb staticfiltering Show mfdb igmpsnooping Show mirroring Config mirroring createShow mfdb stats Show mirroring Config mirroring mode Config mirroring deleteShow macfilter Config macfilter remove Config macfilter createConfig macfilter addsrc Config macfilter adddest Config macfilter delsrcConfig macfilter deldest Show spanningtree summary Spanning Tree Commands Config spanningtree forceversion Config spanningtree adminmodeConfig spanningtree configuration name Config spanningtree port bpdumigrationcheck Config spanningtree configuration revisionShow spanningtree port Show spanningtree bridge Config spanningtree port modeConfig spanningtree bridge maxage Config spanningtree bridge hellotime Config spanningtree bridge priority Config spanningtree bridge forwarddelayShow spanningtree cst detailed Show spanningtree cst port detailed Show spanningtree cst port summary 128 Config spanningtree cst port pathcostConfig spanningtree cst port priority Auto Config spanningtree mst vlan add Config spanningtree cst port edgeportConfig spanningtree mst create Config spanningtree mst delete Config spanningtree mst port priority Config spanningtree mst vlan removeConfig spanningtree mst priority Config spanningtree mst port pathcost Instance List of multiple spanning trees IDs currently configuredShow spanningtree mst summary Show spanningtree mst detailed Show spanningtree mst port detailed Show spanningtree mst port summary Show spanningtree vlan vlan User Account Management CommandsShow spanningtree vlan Show users Config users snmpv3 authentication Config users addConfig users passwd Config users delete Config users snmpv3 accessmode Config users snmpv3 encryptionShow loginsession Config radius timeout Security CommandsConfig loginsession close Config radius maxretransmit Config radius accounting server add Config radius accounting modeConfig radius accounting server port Config radius server port Config radius accounting server removeConfig radius accounting server secret Config radius server add Config radius server msgauth Config radius server removeConfig radius server secret Config radius server primary Show radius server stats Secret ConfiguredShow radius summary Show radius server summary Show radius accounting summary Configured IP address of the accounting server Port in use by the accounting server Show radius accounting statsYes or No Show radius stats Config dot1x adminmodeConfig dot1x port initialize Config dot1x port reauthenticate Config dot1x port controlmode Config dot1x port controldirConfig dot1x port quietperiod Config dot1x port maxrequests Config dot1x port transmitperiodConfig dot1x port supptimeout Config dot1x port servertimeout Show dot1x port summary Config dot1x port reauthenabledSible values are Enabled and Disabled Show dot1x summary Interface whose configuration is displayed Show dot1x port stats Config authentication login delete Config authentication login createClear dot1x port stats Config dot1x port users add Config authentication login setConfig dot1x defaultlogin Config dot1x login Show authentication login info Config dot1x port users removeConfig users defaultlogin Config users login Show dot1x port users Show authentication login usersShow users authentication System Utilities Transfer upload serverip Save configTransfer upload mode Logout Transfer upload datatype Transfer upload filename Transfer download path Transfer download modeTransfer upload start Transfer download serverip Clear transfer Transfer download filenameTransfer download datatype Transfer download start Clear vlan Clear configClear pass Clear traplog Ping Clear stats switchReset system Clear igmpsnooping Series L3 Managed Switch Reference Manual for Software Show arp table Routing CommandsShow arp table Config arp delete Config arp agetimeConfig arp cachesize Config arp create Show ip interface Config arp retriesShow ip interface slot.port Are Ethernet or Snap Config interface encapsConfig interface routing Config ip interface mtu Enable Config ip interface netdirbcastConfig ip interface create Config ip interface delete Show ip vlan Config ip forwardingConfig routing Show ip stats Show router ip interface summary Config ip vlan routing createConfig ip vlan routing delete Show router ip interface summary Show router ospf info Config router idConfig router id routerid Show router ospf info Config router ospf preference Config trapflags ospfConfig router ospf adminmode Config router ospf asbr Show router ospf interface stats Show router ospf interface summary Config router ospf interface authtypekey Config router ospf interface areaidConfig router ospf interface interval dead Config router ospf interface mode Config router ospf interface interval helloConfig router ospf interface interval retransmit Config router ospf interface iftransitdelay Which is the highest router priority Config router ospf interface priorityConfig router ospf interface cost Show router ospf area info Show router ospf area range Config router ospf area range create Config router ospf area stub summarylsa Config router ospf area range deleteConfig router ospf area stub metric value Config router ospf area stub metric type Show router ospf neighbor detailed Config router ospf area stub createConfig router ospf area stub delete Config router ospf area delete Show router ospf neighbor table Show router ospf lsdb summary Show router ospf stub tableShow router ospf lsdb summary Show router ospf stub table Show router rip interface detailed Show router rip infoShow router rip interface detailed Show router rip info Show router rip interface summary Config router rip adminmodeShow router rip interface summary Default password key is an empty string. Unauthenticated Config router rip preferenceConfig router rip interface authtypekey Config router rip interface defaultmetric Both Config router rip interface modeConfig router rip interface version receive Config router rip interface version send Is the neighbor interface of the Ospf virtual interface Config router ospf virtif createShow router ospf virtif detailed Show router ospf virtif summary Config router ospf virtif interval dead Config router ospf virtif deleteConfig router ospf virtif authtypekey Config router ospf virtif transdelay Config router ospf extlsdblimit Config router ospf virtif interval helloConfig router ospf virtif interval retransmit Config router ospf exoverflowinterval Show router route table Show router route tableShow router route bestroutes Show router route entry Show router route preferences Config router route create Config router route default delete Config router route deleteConfig router route preference Config router route default create Show router vrrp interface detailed Config router vrrp adminmodeShow router vrrp interface summary Represents the router ID of the virtual router Is the IP Address that was configured on the virtual routerRepresents the state Master/backup of the virtual router Show router vrrp interface stats There is no default value for vrID Config router vrrp interface adminmodeConfig router vrrp interface routerID Config router vrrp interface priority Config router vrrp interface authdetails Config router vrrp interface ipaddressConfig router vrrp interface preemptmode Config router vrrp interface advinterval Config router rtrdiscovery mininterval Config router vrrp removedetailsConfig router rtrdiscovery adminmode Config router rtrdiscovery maxinterval Show router rtrdiscovery Config router rtrdiscovery lifetimeConfig router rtrdiscovery address Config router rtrdiscovery preference Config router bootpdhcprelay circuitidoptionmode Show router bootpdhcprelayConfig router bootpdhcprelay adminmode Config router bootpdhcprelay minwaittime Config router bootpdhcprelay maxhopcountConfig router bootpdhcprelay serverip Series L3 Managed Switch Reference Manual for Software CLI Commands Differentiated Services Config diffserv adminmode General Commands Config diffserv class create acl Class Commands Config diffserv class create any Config diffserv class create allConfig diffserv class delete None Config diffserv class renameConfig diffserv class match cos Config diffserv class match dstip Config diffserv class match dstl4port number Config diffserv class match dstl4port keyword Config diffserv class match dstmac Config diffserv class match dstl4port rangeConfig diffserv class match every Config diffserv class match ipprecedence Config diffserv class match ipdscp Config diffserv class match iptos Config diffserv class match protocol number Config diffserv class match protocol keyword Config diffserv class match srcip Config diffserv class match refclass Config diffserv class match srcl4port number Config diffserv class match srcl4port keyword Config diffserv class match srcmac Config diffserv class match srcl4port rangeConfig diffserv class match vlan Config diffserv policy create Policy Commands Config diffserv policy class remove Config diffserv policy deleteConfig diffserv policy rename Config diffserv policy class add Config diffserv policy bandwidth percent Config diffserv policy bandwidth kbps Bandwidth all forms, Shape Peak Config diffserv policy expedite kbps Config diffserv policy mark cos Config diffserv policy expedite percentOut Mark IP Precedence, Police all forms Config diffserv policy mark ipdscpConfig diffserv policy mark ipprecedence Config diffserv policy police action conform drop Config diffserv policy police action conform markprec Config diffserv policy police action conform markdscpConfig diffserv policy police action conform send Config diffserv policy police action exceed markdscp Config diffserv policy police action exceed drop Config diffserv policy police action exceed send Config diffserv policy police action exceed markprecConfig diffserv policy police action nonconform drop Config diffserv policy police action nonconform markprec Config diffserv policy police action nonconform markdscpConfig diffserv policy police action nonconform send Mark IP DSCP, Mark IP Precedence Config diffserv policy police style simpleConfig diffserv policy police style singlerate Allowed for a given class instance in a particular policy Config diffserv policy police style tworate Config diffserv policy shape average Config diffserv policy randomdrop Applied Service CommandsConfig diffserv policy shape peak Neither of the shaping rate parameters is allowed to exceed Config diffserv service remove Config diffserv service addParticular direction at any one time Show diffserv class detailed Show Commands Show diffserv info Show diffserv class summary Policy type, namely whether it is an inbound or outbound Current number of entries rows in the Service TableShow diffserv policy detailed Name of this policy Denotes the mark/re-mark value used as the Dscp for traffic Show diffserv policy summary Show diffserv service info summary Show diffserv service info detailed Slot number and port number of the interface slot.port Show diffserv service stats detailedDirection Name of this class instance Show diffserv service stats summary Series L3 Managed Switch Reference Manual for Software Show acl detailed Show acl summary Config acl rule create Config CommandsConfig acl create Config acl delete Config acl rule match dstl4port keyword Config acl rule deleteConfig acl rule action Config acl rule match dstip Config acl rule match every Config acl rule match dstl4port rangeConfig acl rule match ipdscp Config acl rule match iptos Config acl rule match ipprecedence Config acl rule match protocol number Config acl rule match protocol keywordConfig acl rule match srcip Config acl rule match srcl4port range Config acl rule match srcl4port keywordConfig acl interface add Config acl interface remove Fast Ethernet Cable Guidelines Appendix a Cabling Guidelines Category 5 Cable Category 5 Cable Specifications Twisted Pair Cables Specifications Category 5 Cable Requirements Figure A-2illustrates crossover twisted pair cable Patch Panels and Cables Cabling Using 1000BASE-T Gigabit Ethernet over Category 5 Cable Near End Cross Talk Next RJ-45 Plug and RJ-45 ConnectorsPatch Cables PIN Normal Assignment on Uplink Assignment on Ports 1 to Conclusion Appendix B 802.1x Port-Based Authentication Overview Figure B-1 802.1x authentication Series L3 Managed Switch Reference Manual for Software Series L3 Managed Switch Reference Manual for Software Numeric Appendix C Glossary See Area Border Router on See Application Programming Interface on See Bridge Protocol Data Unit on Packet sent to all devices on a network See Command Line Interface on See Device Application Programming Interface on See Distance-Vector Multicast Routing Protocol. on Computer, printer, or server that is connected to a network See Generic Attribute Registration Protocol. on See Garp Information Propagation on See Internet Group Management Protocol on See Joint Test Action Group on MAC Megabits per second See Multiplexing on See Network Address Translation on See Operating System Application Programming Interface on See Protocol Independent Multicast Dense Mode on See Quality of Service on See Routing Information Protocol on Model of Serial Management Controller from Motorola Static Random Access Memory See TLS on An abbreviation that represents Unit, Slot, Port Models Series L3 Managed Switch Reference Manual for Software Series L3 Managed Switch Reference Manual for Software Index Index Gvrp Index Index STP Xmodem