D-Link xStack DGS-3324SRi Command Line Interface Reference Manual page 231
High-density layer 3 intelligent gigabit switch
Hide thumbs
Also See for xStack DGS-3324SRi:
- User manual (392 pages) ,
- User manual (362 pages) ,
- User manual (208 pages)
Table of Contents
Advertisement
config access_profile profile_id (for Ethernet)
Restrictions
Example usage:
To configure a rule for the Ethernet access profile:
DGS-3324SRi:4#config access profile profile_id 1 add access_id 1
ethernet vlan Trinity 802.1p 1 port 1:1 permit priority 1 replace priority
Command: config access profile profile_id 1 add access_id 1 ethernet
vlan Trinity 802.1p 1 port 1:1 permit priority 1 replace priority
Success.
DGS-3324SRi:4#
create access_profile (IP)
Purpose
Syntax
Description
Parameters
xStack Gigabit Layer 3 Switch Command Line Interface Manual
the Switch.
replace_dscp <value 0-63> − Allows you to specify a value to be
written to the DSCP field of an incoming packet that meets the
criteria specified in the first part of the command. This value will
over-write the value in the DSCP field of the packet.
deny – Specifies that packets that do not match the access profile
are not permitted to be forwarded by the Switch and will be filtered.
delete access_id <value 1-100> − Use this command to delete a
specific rule from the Ethernet profile. Up to 100 rules may be
specified for the Ethernet access profile.
Only administrator-level users can issue this command.
Used to create an access profile on the Switch by examining the IP
part of the packet header. Masks entered can be combined with the
values the Switch finds in the specified frame header fields. Specific
values for the rules are entered using the config access_profile
command, below.
create access_profile ip {vlan | source_ip_mask <netmask> |
destination_ip_mask <netmask> | dscp | [icmp {type | code} |
igmp {type} | tcp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-0xffff> | flag_mask [all | {urg | ack | psh
| rst | syn | fin}]} | udp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-xffff>} | protocol_id {user _mask <hex
0x0-0xffffffff>}]} profile_id <value 1-8>}
This command will allow the user to create a profile for packets that
may be accepted or denied by the Switch by examining the IP part of
the packet header. Specific values for rules pertaining to the IP part
of the packet header may be defined by configuring the config
access_profile command for IP, as stated below.
ip - Specifies that the Switch will look into the IP fields in each packet
with special emphasis on one or more of the following:
vlan − Specifies a VLAN mask.
•
source_ip_mask <netmask> − Specifies an IP address mask
•
for the source IP address.
223
Advertisement
Table of Contents
