ACCESS CONTROL LIST COMMANDS

[no] {permit deny} tcp

{any source address-bitmask host source}

{any destination address-bitmask host destination} [precedence precedence] [tos tos] [dscp dscp]

[source-portsport [bitmask]] [destination-portdport [port-bitmask]][control-flagcontrol-flags flag-bitmask]

protocol-number– A specific protocol number. (Range: 0-255)

source – Source IP address.

destination – Destination IP address.

address-bitmask– Decimal number representing the address bits to match.

host – Keyword followed by a specific IP address.

precedence – IP precedence level. (Range: 0-7)

tos – Type of Service level. (Range: 0-15)

dscp – DSCP priority level. (Range: 0-63)

sport – Protocol25 source port number. (Range: 0-65535)

dport – Protocol25 destination port number. (Range: 0-65535)

port-bitmask– Decimal number representing the port bits to match. (Range: 0-65535)

control-flags– Decimal number (representing a bit string) that specifies flag bits in byte 14 of the TCP header. (Range: 0-63)

flag-bitmask– Decimal number representing the code bits to match.

Default Setting

None

Command Mode

Extended ACL

Command Usage

All new rules are appended to the end of the list.

Address bitmasks are similar to a subnet mask, containing four integers from 0 to 255, each separated by a period. The binary mask uses 1 bits to indicate “match” and 0 bits to indicate “ignore.” The bitmask is bitwise ANDed with the specified source IP address, and then compared

25.Includes TCP, UDP or other protocol types.

4-126

Page 417 Page 419
Page 418
Image 418
SMC Networks SMC6824M manual No permit deny tcp, Extended ACL
Page 417 Page 419

SMC6824M specifications

The SMC Networks SMC6824M is a robust and reliable managed switch that caters to the needs of small to mid-sized businesses, as well as enterprise environments. This switch is designed to provide enhanced performance, scalability, and security for network infrastructures that require efficient traffic management and comprehensive control.

One of the key features of the SMC6824M is its 24 10/100/1000BASE-T ports, which offer lightning-fast Ethernet connectivity. These ports are capable of auto-negotiation, allowing devices to automatically adjust their settings for optimal performance, making it easier to integrate various hardware into existing networks. Additionally, the switch includes four Gigabit SFP slots for fiber uplinks, which allow for extended connectivity options and improved network design.

The SMC6824M employs advanced Layer 2 and Layer 3 functionalities, giving network administrators the tools they need to manage their networks effectively. It supports features like VLAN (Virtual Local Area Network) support and Quality of Service (QoS), ensuring efficient bandwidth management and enhanced performance for critical applications. Through VLAN segmentation, it can isolate network traffic for different departments or functions, enhancing security and reducing congestion.

The switch also offers comprehensive network management capabilities through SNMP (Simple Network Management Protocol) and a web-based interface, enabling easy configuration, monitoring, and troubleshooting. The SMC6824M includes support for port mirroring, which is important for diagnostics and monitoring network performance.

Another significant characteristic of the SMC6824M is its redundancy features, which include IEEE 802.1d Spanning Tree Protocol (STP) to prevent loops and provide network resilience. This is essential for maintaining continuous operation, especially in dynamic environments where network availability is critical.

In terms of security, the SMC6824M supports 802.1X port-based authentication, ensuring that only authorized devices gain access to the network. This feature is crucial for protecting sensitive data and maintaining the integrity of the network.

Overall, the SMC Networks SMC6824M is a versatile and feature-rich managed switch that delivers the performance and flexibility required to support growing networks. Its combination of layer management, security features, and user-friendly interface makes it an excellent choice for organizations looking to enhance their network infrastructure.
Top Page Image Contents