DES-3526 / DES-3526DC Layer 2 Fast Ethernet Switch CLI Reference Manual
150
config access_profile
Purpose
Used to configure an access profile on the Switch and to define specific values that will be used to
by the Switch to determine if a given packet should be forwarded or filtered. Masks entered using
the create access_profile command will be combined, using a logical AND operation, with the
values the Switch finds in the specified frame header fields. Specific values for the rules are
entered using the config access_profile command, below.
Syntax config access_profile profile_id <value 1-255> [add access_id <value 1-65535> [ethernet
{vlan <vlan_name 32> | source_mac <macaddr> | destination_mac <macaddr> | 802.1p
<value 0-7> | ethernet_type <hex 0x0-0xffff>} | ip {vlan <vlan_name 32> | source_ip <ipaddr>
| destination_ip <ipaddr> | dscp <value 0-63> | [icmp {type <value 0-255> code <value 0-
255>} | igmp {type <value 0-255>} | tcp {src_port <value 0-65535> | dst_port <value 0-65535>
| flag_mask [all | {urg | ack | psh | rst | syn | fin} | udp {src_port <value 0-65535> | dst_port
<value 0-65535>} | protocol_id <value 0 - 255> {user_define <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>}]} |
packet_content_mask {offset_0-15 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> | offset_16-31 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> | offset_48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> | offset_64-79 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff>}] port <portlist> [permit {priority <value 0-7> {replace_priority}
| replace_dscp_with <value 0-63> } | deny] | delete access_id <value 1-65535>]
Description
The config access_profile command is used to configure an access profile on the Switch and to
enter specific values that will be combined, using a logical AND operation, with masks entered with
the create access_profile command, above.
Parameters
profile_id <value 1-255> − Enter an integer used to identify the access profile that will be
configured with this command. This value is assigned to the access profile when it is created with
the create access_profile command. The profile ID sets the relative priority for the profile and
specifies an index number that will identify the access profile being created with this command.
Priority is set relative to other profiles where the lowest profile ID has the highest priority.
• add access_id <value 1-255> − Adds an additional rule to the above specified access profile.
The value is used to index the rule created.
ethernet − Specifies that the Switch will look only into the layer 2 part of each packet.
• vlan <vlan_name 32> − Specifies that the access profile will apply to only to this VLAN.
• source_mac <macaddr> − Specifies that the access profile will apply to only packets with this
source MAC address.
• destination_mac <macaddr> − Specifies that the access profile will apply to only packets with
this destination MAC address.
• 802.1p <value 0-7> − Specifies that the access profile will apply only to packets with this
802.1p priority value.
• ethernet_type <hex 0x0-0xffff> − Specifies that the access profile will apply only to packets
with this hexadecimal 802.1Q Ethernet type value in the packet header.
To Next Page
Loading...
Need help?
General