Access Control List (Acl) Commands - D-Link xStack DGS-3324SRi Command Line Interface Reference Manual

The xStack family of switches implement Access Control Lists that enable the Switch to deny network access to specific devices
or device groups based on IP settings, MAC address, packet content and IPv6 settings.
Command
create access_profile
delete access_profile
profile_id
config access_profile
profile_id
show access_profile
xStack Gigabit Layer 3 Switch Command Line Interface Manual
A
CCESS
Parameters
[ethernet {vlan | source_mac <macmask 000000000000-ffffffffffff>
| destination_mac <macmask 000000000000-ffffffffffff> | 802.1p |
ethernet_type} | ip {vlan | source_ip_mask <netmask> |
destination_ip_mask <netmask> | dscp | [icmp {type | code} | igmp
{type} | tcp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex
0x0-0xffff> | flag_mask [all | {urg | ack | psh | rst | syn | fin}]} | udp
{src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-xffff>}
| protocol_id {user _mask <hex 0x0-0xffffffff> }]} |
packet_content_mask {offset_0-15 <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_16-31
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex
0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_48-63 <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> | offset_64-79 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff>} | ipv6 {class | flowlabel |
source_ipv6_mask <ipv6mask> | destination_ipv6_mask
<ipv6mask>}] profile_id <value 1-8>}
<value 1-8>
<value 1-8> [add access_id <value 1-100> [ethernet {vlan
<vlan_name 32> | source_mac <macaddr 000000000000-
ffffffffffff> | destination_mac <macaddr 000000000000-ffffffffffff> |
802.1p <value 0-7> | ethernet_type <hex 0x0-0xffff>} port <port>
[permit {priority <value 0-7> {replace_priority} | replace_dscp
<value 0-63> } | deny] | ip {vlan <vlan_name 32> | source_ip
<ipaddr> | destination_ip <ipaddr> | dscp <value 0-63> | [icmp
{type <value 0-255> code <value 0-255>} | igmp {type <value 0-
255>} | tcp {src_port <value 0-65535> | dst_port <value 0-65535>
| urg | ack | psh | rst | syn | fin} | udp {src_port <value 0-65535> |
dst_port <value 0-65535>} | protocol_id <value 0 - 255>
{user_define <hex 0x0-0xffffffff> }]} port <port> [permit {priority
<value 0-7> {replace_priority} | replace_dscp <value 0-63> } |
deny] | packet_content {offset_0-15 <hex0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_16-31
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex
0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff><hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_48-63
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex
0x0-0xffffffff> | offset_64-79 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex0x0-0xffffffff>} port <port> [permit { priority
<value 0-7> {replace_priority} | replace_dscp <value 0-63> } |
deny] | ipv6 {class <value 0-255> | flowlabel <hex 0x0-0xfffff> |
source_ipv6 <ipv6addr> | destionation_ipv6 <ipv6addr>} port
<port> [permit {priority <value 0-7> {replace_priority} } | deny] |
delete <value 1-100>]
{profile_id <value 1-8>}
C L
ONTROL IST
218
25
(ACL) C
OMMANDS