DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet User Manual
177
Figure 7- 23 Add ACL Profile window (Packet Content)
Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a
new entry, enter the correct information and click Create. To return to the Access Profile List window, click <<Back.
The following parameters can be set for Packet Content:
Parameter Description
Chunk
Allows users to examine up to four specified offset_chunks within a packet at one time and
specifies the frame content offset and mask. There are four chunk offsets and masks that can be
configured. A chunk mask presents four bytes. Four offset_chunks can be selected from a
possible 32 predefined offset_chunks as described below:
offset_chunk_1,
offset_chunk_2,
offset_chunk_3,
offset_chunk_4.
chunk0 chunk1 chunk2 …… chunk29 chunk30 chunk31
B126,
B127,
B0,
B1
B2,
B3,
B4,
B5
B6,
B7,
B8,
B9
…… B114,
B115,
B116,
B117
B118,
B119,
B120,
B121
B122,
B123,
B124,
B125
Example:
offset_chunk_1 0 0xffffffff will match packet byte offset 126,127,0,1
offset_chunk_1 0 0xffff will match packet byte offset,0,1
Note: Only one packet_content_mask profile can be created.
With this advanced unique Packet Content Mask (also known as Packet Content Access Control
List - ACL), the D-Link switch family can effectively mitigate some network attacks like the
common ARP Spoofing attack that is wide spread today. This is why the Packet Content ACL is
To Next Page
Loading...
