xStack® DES-3200 Series Layer 2 Ethernet Managed Switch CLI Reference Manual
22
3
config cpu access_profile
field within ea
ch packet.
src_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this TCP source port in their TCP header.
dst_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this TCP destination port in their TCP header.
flag- Enter the type of TCP flag to be matched.
all: All flags are selected
urg: TCP control flag (urgent)
ack: TCP control flag (acknowledgement)
psh: TCP control flag (push)
rst: TCP control flag (reset)
syn: TCP control flag (synchronize)
fin: TCP control flag (finish)
udp Specifies that the Switch will examine the User Datagram Protocol (UDP) field within
each packet.
src_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this UDP source port in their header.
dst_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this UDP destination port in their header.
protocol_id <value 0-255> Specifies that the Switch will examine the protocol field in
each packet, and if this field contains the value entered here, apply the following rules:
user_define_mask <hex 0x0-0xffffffff> Specifies that the rule applies to the IP protocol ID
and the mask options behind the IP header.
ipv6 – Denotes that IPv6 packets will be examined by the Switch for forwarding or filtering
based on the rules configured in the config access_profile command for IPv6. IPv6
packets may be identified by the following:
class <value 0-255>– Entering this parameter will instruct the Switch to examine the class
field of the IPv6 header that is similar to the Type of Service (ToS) or Precedence bits field
in Ipv4.
flowlabel <hex 0x0-fffff> – Entering this parameter will instruct the Switch to examine the
flow label field of the IPv6 header. This flow label field is used by a source to label
sequences of packets such as non-default quality of service or real-time service packets.
source_ipv6_mask <ipv6mask> Specifies an IP address mask for the source IPv6
address.
destination_ipv6_mask <ipv6mask> Specifies an IP address mask for the destination
IPv6 address.
packet_content_mask – Specifies that the Switch will mask the packet header beginning
with the offset value specified as follows:
offset_0-76 - Enter a value in hex form to mask the packet from byte 0 to byte 76.
<portlist> Specifies a port or range of ports to be configured.
permit | deny – Specify that the packet matching the criteria configured with command will
either be permitted entry to the cpu or denied entry to the CPU.
time_range <range_name 32> – Choose this parameter and enter the name of the Time
Range settings that has been previously configured using the config time_range
command. This will set specific times when this access rule will be enabled or disabled on
the Switch.
delete access_id <value 1-5>
Use this to remove a previously created access rule in a
profile ID.
Only Administrator-level users
can issue this command.
Restrictions
To Next Page
Loading...
Need help?
General
