1. Home
  2. Netgear
  3. Netgear GC728XP-100NAS User Manual
  4. Page 331

User Manual - Page 331

For GC728XP-100NAS.

Loading ...
Loading ...
Loading ...
Manage Device Security
331
Insight Managed 28-Port and 52-Port Gigabit Ethernet Smart Cloud Switches
You can either enter the port range yourself or select one of the following
protocols from the menu:
• The destination IP TCP port protocols are domain, echo, ftp, ftpdata,
www-http, smtp, telnet, pop2, pop3, and bgp.
• The destination IP UDP port protocols are domain, echo, snmp, ntp, rip,
time, who, and tftp.
Each of these values translates into its equivalent port number, which is used as
both the start and end of the port range.
Select Other from the menu to enter port numbers. If you select Other from the
menu but leave the fields blank, it means any.
• ICMPv6. Select either the Type or Message radio button:
- Type radio button. If you select the Type radio button, note the following:
• The Type and Message fields are enabled only if the protocol is ICMPv6. Use
these fields to specify a match condition for ICMPv6 packets.
• The IPv6 ACL rule matches the specified ICMPv6 message type. Possible
type numbers are in the range from 0 to 255.
• If you specify information in the Message field, the IPv6 ACL rule matches the
specified ICMPv6 message code. Possible values for code can be in the
range from 0 to 255.
• If these fields are left empty, it means any.
- Message radio button. If you select the Message radio button, select the type of
the ICMPv6 message to match with the selected IPv6 ACL rule. Specifying a type
of message implies that both the ICMPv6 type and ICMPv6 code are specified.
The ICMPv6 message is decoded into the corresponding ICMPv6 type and
ICMPv6 code within the ICMP type.
The ICMPv6 message types are destination-unreachable, echo-reply,
echo-request, header, hop-limit
, mld-query, mld-reduction, mld-report,
nd-na, nd-ns, next-header, no-admin, no-route, packet-too-big,
port-unreachable, router-solicitation, router-advertisement,
router-renumbering, time-exceeded, and unreachable.
• Fragments. Either select the Enable radio button to allow initial fragments (that is,
the fragment bit is asserted) or leave the default Disable radio button selected to
prevent initial fragments from being used.
This option is not valid for rules that match L4 information such as TCP port number,
because that information is carried in the initial packet.
• Routing. Either select the Enable radio button to match packets that include a
routing extension header or leave the default Disable radio button selected to ignore
the routing extension headers in packets.
• Flow Label. The Flow Label field is enabled only if selection from the Protocol Type
menu is ICMPv6. The flow label is 20-bit number that is unique to an IPv6 packet and
Loading ...
Loading ...
Loading ...