DGS-3100 Series Gigabit Stackable Managed Switch CLI Manual
206
0-63> | rate_limit <value 64-1000000>} | deny] {time_range
<range_name 32>}
Description The config access_profile command defines the rules used by the
Switch to either filter or forward packets based on the IP part of each
packet header.
Parameters profile_id <value 1-15> – Specifies the access profile id to be
configured with this command. This value is assigned to the access
profile when it is created with the create access_profile command.
The lower the profile ID, the higher the priority the rule will be given.
add access_id <value 1-240> – Adds an additional rule to the above
specified access profile. The value specifies the relative priority of
the additional rule. Up to 240 different rules may be configured for
the IP access profile.
• auto_assign – Configures the Switch to automatically assign
a numerical value (between 1 and 240) for the rule being
configured.
ip – Specifies that the Switch examine the IP fields in each packet to
determine if it will be either forwarded or filtered based on one or
more of the following:
• source_ip <ipaddr> – Specifies that the access profile
applies only to packets with this source IP address.
• destination_ip <ipaddr> – Specifies that the access profile
applies only to packets with this destination IP address.
• dscp <value 0-63> – Specifies that the access profile
applies only to packets that have this value in their Type-of-
Service (DiffServ code point, DSCP) field in their IP packet
header.
• icmp – Specifies that the Switch examine the protocol field
in each frame’s header and it should match Internet Control
Message Protocol (ICMP).
• type – Specifies that the Switch examine each frame’s ICMP
Type field.
• code – Specifies that the Switch examine each frame’s
ICMP Code field.
• igmp – Specifies that the Switch examine each frame’s
protocol and it should match Internet Group Management
Protocol (IGMP) field.
• type – Specifies that the Switch examine each frame’s IGMP
Type field.
• tcp - Specifies that the Switch examine each frame’s
protocol and it should matchTransport Control Protocol
(TCP) field.
• src_port <value 0-65535> – Specifies that the access profile
applies only to packets that have this TCP source port in
their TCP header.
• dst_port <value 0-65535> – Specifies that the access profile
applies only to packets that have this TCP destination port in
their TCP header.
• flag {+ | –} {urg | ack | psh | rst | syn | fin }} – Specifies the
appropriate flag parameter. All incoming packets have TCP
flag bits associated with them which are parts of a packet
that determine what to do with the packet. The user may
deny packets by denying certain flag bits within the packets.
To specify flag bits that should be “1” type + and the flag bit
To Next Page
Loading...
Need help?
General
