Chapter 6 Access Control List (Acl) Command List - D-Link DGS-1510/ME Series Reference Manual

Chapter 6
create access_profile profile_id <value 1-512> {profile_name <name 32>} [ethernet{vlan {<hex 0x0-0x0fff>} |
source_mac <macmask 000000000000-ffffffffffff> | destination_mac <macmask 000000000000-ffffffffffff> |
802.1p | ethernet_type}|ip {vlan {<hex 0x0-0x0fff>} | source_ip_mask <netmask> | destination_ip_mask
<netmask> | dscp | [icmp {type | code} | igmp {type} | tcp {src_port_mask <hex0x0-0xffff> | dst_port_mask
<hex 0x0-0xffff> | flag_mask [all | {urg | ack | psh | rst | syn | fin}]} | udp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-0xffff>} | protocol_id_mask <hex 0x0-0xff> {user_define_mask <hex 0x0-0xffffffff>}]}
| packet_content_mask {offset_chunk_1 <value 0-31> <hex 0x0-0xffffffff> | offset_chunk_2 <value 0-31>
<hex 0x0-0xffffffff> | offset_chunk_3<value 0-31> <hex 0x0-0xffffffff> | offset_chunk_4 <value 0-31> <hex
0x0-0xffffffff>} | ipv6 {class |flowlabel | source_ipv6_mask <ipv6mask> | destination_ipv6_mask <ipv6mask> |
[tcp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>} | udp {src_port_mask <hex 0x0-
0xffff> | dst_port_mask <hex 0x0-0xffff>} | icmp {type | code}]}]
delete access_profile [profile_id <value 1-512> | profile_name <name 32> | all]
config access_profile [profile_id <value 1-512> | profile_name <name 32>] [add access_id [auto_assign |
<value 1-128>] [ethernet {[vlan <vlan_name 32> | vlan_id <vlanid 1-4094>] {mask <hex 0x0-0x0fff>} |
source_mac <macaddr> {mask <macmask>} | destination_mac <macaddr> {mask <macmask>} | 802.1p
<value 0-7> | ethernet_type <hex 0x0-0xffff>} | ip {[vlan <vlan_name 32> | vlan_id <vlanid 1-4094>] {mask
<hex 0x0-0x0fff>} | source_ip <ipaddr> {mask <netmask>} | destination_ip <ipaddr> {mask <netmask>} |
dscp <value 0-63> | [icmp {type <value 0-255> | code <value 0-255>} | igmp {type <value 0-255>} | tcp
{src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port <value 0-65535> {mask <hex 0x0-0xffff>} | flag
[all | {urg | ack | psh | rst | syn | fin}]} | udp {src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port
<value 0-65535> {mask <hex 0x0-0xffff>}} | protocol l_id <value 0-255> {user_define <hex 0x0-0xffffffff>
{mask <hex 0x0-0xffffffff>}}]} | packet_content {offset_chunk_1 <hex 0x0-0xffffffff> {mask <hex 0x0-0xffffffff>}
| offset_chunk_2 <hex 0x0-0xffffffff> {mask <hex 0x0-0xffffffff>} | offset_chunk_3 <hex 0x0-0xffffffff> {mask
<hex 0x0-0xffffffff>} | offset_chunk_4 <hex 0x0-0xffffffff> {mask <hex 0x0-0xffffffff>}} | ipv6 {class <value 0-
255> | flowlabel <hex 0x0-0xfffff> | source_ipv6 <ipv6addr> {mask<ipv6mask>} | destination_ipv6 <ipv6addr>
{mask <ipv6mask>} | [tcp {src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port <value 0-65535>
{mask <hex0x0-0xffff>}} | udp {src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port <value 0-65535>
{mask <hex 0x0-0xffff>}} | icmp {type<value 0-255> | code <value 0-255>}]}] [port [<portlist> | all] |
vlan_based [vlan <vlan_name 32> | vlan_id <vlanid 1-4094>]] [permit {priority <value 0-7> {replace_priority}
|[replace_dscp_with <value 0-63> | replace_tos_precedence_with <value 0-7>] | counter [enable | disable]} |
mirror | deny] {time_range <range_name 32>} | delete access_id <value 1-128>]
show access_profile {[profile_id <value 1-512> | profile_name <name 32>]}
config flow_meter [profile_id <value 1-512> | profile_name <name 32>] access_id <value 1-128> [rate [<value
1-10485760>] {burst_size [<value 1-262144>]} rate_exceed [drop_packet | remark_dscp <value 0-63>] |
tr_tcm cir <value 1-10485760> {cbs <value 1-262144>} pir <value 1-10485760> {pbs <value 1-262144>}
{[color_blind | color_aware]} {conform [permit | replace_dscp <value 0-63>] {counter [enable | disable]}}
exceed [permit {replace_dscp <value 0-63>} | drop] {counter [enable | disable]} violate [permit {replace_dscp
<value 0-63>} | drop] {counter [enable | disable]} | sr_tcm cir <value 1-10485760> cbs <value 1-262144>
ebs <value 1-262144> {[color_blind | color_aware]} {conform [permit | replace_dscp <value 0-63>] {counter
[enable | disable]}} exceed [permit {replace_dscp <value 0-63>} | drop] {counter [enable | disable]} violate
[permit {replace_dscp <value 0-63>} | drop] {counter [enable | disable]} | delete]
show flow_meter {[profile_id <value 1-512> | profile_name <name 32>] {access_id <value 1-128>}}
config time_range <range_name 32> [hours start_time <time hh:mm:ss> end_time <time hh:mm:ss> weekdays
<daylist> | delete]
show time_range
show current_config access_profile
DGS-1510/ME Series Metro Ethernet Switch CLI Reference Guide
Access Control List (ACL)
Command List
72