DES-3526 / DES-3526DC Layer 2 Fast Ethernet Switch CLI Reference Manual
148
create access_profile
Parameters
ip − Specifies that the Switch will examine the IP address in each frame’s header.
• vlan − Specifies a VLAN mask.
• source_ip_mask <netmask> − Specifies an IP address mask for the source IP address.
• destination_ip_mask <netmask> − Specifies an IP address mask for the destination IP
address. |
• dscp − Specifies that the Switch will examine the DiffServ Code Point (DSCP) field in each
frame’s header.
• icmp − Specifies that the Switch will examine the Internet Control Message Protocol (ICMP)
field in each frame’s header.
type − Specifies that the Switch will examine each frame’s ICMP Type field.
code − Specifies that the Switch will examine each frame’s ICMP Code field.
• igmp − Specifies that the Switch will examine each frame’s Internet Group Management
Protocol (IGMP) field.
type − Specifies that the Switch will examine each frame’s IGMP Type field.
tcp − Specifies that the Switch will examine each frames Transport Control
Protocol (TCP) field.
• src_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the source port.
• dst_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the destination port.
• flag_mask – Enter the appropriate flag_mask parameter. All incoming packets have TCP
port numbers contained in them as the forwarding criterion. These numbers have flag bits
associated with them which are parts of a packet that determine what to do with the packet.
The user may deny packets by denying certain flag bits within the packets. The user may
choose between all, urg (urgent), ack (acknowledgement), psh (push), rst (reset), syn
(synchronize) and fin (finish).
udp − Specifies that the Switch will examine each frame’s Universal Datagram Protocol (UDP)
field.
• src_port_mask <hex 0x0-0xffff> − Specifies a UDP port mask for the source port.
• dst_port_mask <hex 0x0-0xffff> − Specifies a UDP port mask for the destination port.
protocol_id <value 0-255> − Specifies that the Switch will examine the protocol field in each
packet and if this field contains the value entered here, apply the following rules
• user_define_mask <hex 0x0-0xffffffff> − Specifies that the rule applies to the IP protocol ID
and the mask options behind the IP header.
packet_content_mask – Specifies that the Switch will mask the packet header beginning with the
offset value specified as follows:
• offset_0-15 – Enter a value in hex form to mask the packet from the beginning of the packet
to the 15
th
byte.
• offset_16-31 – Enter a value in hex form to mask the packet from byte 16 to byte 31.
• offset_32-47 – Enter a value in hex form to mask the packet from byte 32 to byte 47.
• offset_48-63 – Enter a value in hex form to mask the packet from byte 48 to byte 63.
• offset_64-79 – Enter a value in hex form to mask the packet from byte 64 to byte 79.
• profile_id <value 1-255> − Sets the relative priority for the profile. Priority is set relative to
other profiles where the lowest profile ID has the highest priority.
Restrictions Only administrator-level users can issue this command.
Example usage:
To create an access list rules:
To Next Page
Loading...
Need help?
General