Table of Contents
Advertisement
xStack DGS/DXS-3300 Series Layer 3 Stackable Gigabit Ethernet Switch CLI Manual
create access_profile (IP)
Restrictions
Example usage:
To configure a rule for the Ethernet access profile:
DGS-3324SRi:4#create access_profile ip protocol_id profile_id 2
Command: create access_profile ip protocol_id profile_id 2
Success.
DGS-3324SRi:4#
config access_profile profile_id (IP)
Purpose
Syntax
flag_mask [all | {urg | ack | psh | rst | syn | fin}] – Enter the
•
appropriate flag_mask parameter. All incoming packets have
TCP port numbers contained in them as the forwarding
criterion. These numbers have flag bits associated with them
which are parts of a packet that determine what to do with the
packet. The user may deny packets by denying certain flag bits
within the packets. The user may choose between all, urg
(urgent), ack (acknowledgement), psh (push), rst (reset), syn
(synchronize) and fin (finish).
udp − Specifies that the Switch will examine each frame's
•
Universal Datagram Protocol (UDP) field.
src_port_mask <hex 0x0-0xffff> − Specifies a UDP port
•
mask for the source port.
dst_port_mask <hex 0x0-0xffff> − Specifies a UDP port
•
mask for the destination port.
protocol_id − Specifies that the Switch will examine each
•
frame's Protocol ID field.
user_define <hex 0x0-0xfffffff> − Enter a hexidecimal value
•
that will identify the protocol to be discovered in the packet
header.
profile_id <value 1-8> - Specifies an index number between 1 and 8
that will identify the access profile being created with this command.
Only administrator-level users can issue this command.
Used to configure the IP access profile on the Switch and to define specific
values for the rules that will be used to by the Switch to determine if a
given packet should be forwarded or filtered. Masks entered using the
create access_profile command will be combined, using a logical AND
operational method, with the values the Switch finds in the specified frame
header fields.
config access_profile profile_id <value 1-8> [add access_id
[auto_assign | <value 1-65535>] ip {vlan <vlan_name 32> | source_ip
<ipaddr> | destination_ip <ipaddr> | dscp <value 0-63> | [icmp {type
<value 0-255> code <value 0-255>} | igmp {type <value 0-255>} | tcp
{src_port <value 0-65535> | dst_port <value 0-65535> | urg | ack | psh
| rst | syn | fin} | udp {src_port <value 0-65535> | dst_port <value 0-
65535>} | protocol_id <value 0 - 255> {user_define <hex 0x0-
0xffffffff>}]} port <port> [permit {priority <value 0-7> {replace_priority}
| replace_dscp <value 0-63>} | deny | mirror] delete <value 1-65535>]
218
Advertisement
Table of Contents
