Access Control List (Acl) Commands - D-Link DXS-3326GSR Reference Manual

The DXS-3326GSR implements Access Control Lists that enable the Switch to deny network access to specific devices or
device groups based on IP settings or MAC address.
Command
create access_profile
delete access_profile
profile_id
config access_profile
profile_id
show access_profile
Due to a chipset limitation, the Switch currently supports a maximum of 8 access profiles, each containing a maximum of 50
rules − with the additional limitation of 50 rules total for all 8 access profiles.
Access profiles allow you to establish criteria to determine whether or not the Switch will forward packets based on the
information contained in each packet's header. These criteria can be specified on a VLAN-by-VLAN basis.
DXS-3326GSR Stackable Gigabit Layer 3 Switch
A C
CCESS ONTROL
Parameters
[ethernet {vlan | source_mac <macmask> | destination_mac
<macmask> | 802.1p | ethernet_type} | ip {vlan | source_ip_mask
<netmask> | destination_ip_mask <netmask> | dscp | [icmp {type |
code} | igmp {type} | tcp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-0xffff> | flag_mask [all | {urg | ack | psh |
rst | syn | fin}]} | udp {src_port_mask <hex 0x0-0xffff> |
dst_port_mask <hex 0x0-xffff>} | protocol_id {user _mask <hex
0x0-0xffffffff> }]} | packet_content_mask {offset_0-15 <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> | offset_16-31 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_32-47 <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> | offset_48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_64-79 <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff>}] {port [<portlist> | all] | profile_id <value 1-8>}
<value 1-8>
<value 1-8> [add access_id <value 1-50> [ethernet {vlan
<vlan_name 32> | source_mac <macaddr> | destination_mac
<macaddr> | 802.1p <value 0-7> | ethernet_type <hex 0x0-
0xffff> } | ip {vlan <vlan_name 32> | source_ip <ipaddr> |
destination_ip <ipaddr> | dscp <value 0-63> | [icmp {type <value
0-255> code <value 0-255>} | igmp {type <value 0-255>} | tcp
{src_port <value 0-65535> | dst_port <value 0-65535> | {urg | ack
| psh | rst | syn | fin} | udp {src_port <value 0-65535> | dst_port
<value 0-65535>} | protocol_id <value 0 - 255> {user_define <hex
0x0-0xffffffff> }]} | packet_content {offset_0-15 <hex0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> |
offset_16-31 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff><hex 0x0-0xffffffff> <hex 0x0-0xffffffff> |
offset_48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> | offset_64-79 <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex0x0-0xffffffff>}] [permit
{ priority <value 0-7> {replace_priority} | replace_dscp <value 0-
63> } | deny] | delete <value 1-50>]
{profile_id <value 1-8>}
L
IST
226
25
(ACL) C
OMMANDS