Manualshelf

Owner's Manual

ManualsBrandsNetgear ManualsHubsNetgear XCM8806
301302303304305306307308309310
Chapter 13. ACLs | 309
NETGEAR 8800 User Manual
ICMP-code <number> ICMP code field. This value or keyword provides more specific
information than the icmp-type. Because the value's meaning
depends upon the associated icmp-type, you must specify the
icmp-type along with the icmp-code. In place of the numeric
value, you can specify one of the following text synonyms (the
field values also listed); the keywords are grouped by the
ICMP type with which they are associated:
Parameter-problem:
ip-header-bad(0), required-option-missing(1)
Redirect:
redirect-for-host (1), redirect-for-network (2),
redirect-for-tos-and-host (3), redirect-for-tos-and-net (2)
Time-exceeded:
ttl-eq-zero-during-reassembly(1), ttl-eq-zero-during-transit(0)
Unreachable:
communication-prohibited-by-filtering(13),
destination-host-prohibited(10), destination-host-unknown(7),
destination-network-prohibited(9),
destination-network-unknown(6), fragmentation-needed(4),
host-precedence-violation(14), host-unreachable(1),
host-unreachable-for-TOS(12), network-unreachable(0),
network-unreachable-for-TOS(11), port-unreachable(3),
precedence-cutoff-in-effect(15), protocol-unreachable(2),
source-host-isolated(8), source-route-failed(5)
ICMP/Ingress and
Egress
ICMP-type <number> ICMP type field. Normally, you specify this match in
conjunction with the protocol match statement. In place of the
numeric value, you can specify one of the following text
synonyms (the field values are also listed): echo-reply(0),
echo-request(8), info-reply(16), info-request(15),
mask-request(17), mask-reply(18), parameter-problem(12),
redirect(5), router-advertisement(9), router-solicit(10),
source-quench(4), time-exceeded(11), timestamp(13),
timestamp-reply(14), or unreachable(3).
ICMP/Ingress and
Egress
source-sap SSAP is a 1 byte field with possible values 0-255 decimal. The
value can be specified in decimal or hexadecimal. The SSAP
field can be found at byte offset 15 in 802.3 SNAP and LLC
formatted packets.
Ethernet/Ingress
Only
destination-sap DSAP is a 1 byte field with possible values 0-255 decimal. The
value can be specified in decimal or hexadecimal. The DSAP
field can be found at byte offset 14 in 802.3 SNAP and LLC
formatted packets.
Ethernet/Ingress
Only
Table 31. ACL Match Conditions (Continued)
Match Conditions Description Applicable
IP Protocols/
Direction