xStack® DES-3528/DES-3552 Series Layer 2 Managed Stackable Fast Ethernet Switch CLI Reference Guide
270
config access_profile
tcp – Specifies that the Switch will examine each frame’s Transmission Control Protocol
(TCP) field.
• src_port_mask <hex 0x0-0xffff>
−
Specifies a TCP port mask for the source port.
• dst_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the destination port.
udp − Specifies that the Switch will examine each frame’s User Datagram Protocol (UDP)
field.
• src_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the source port.
• dst_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the destination port.
• source_ipv6_mask <ipv6mask> − Specifies an IP address mask for the source IPv6
address.
• destination_ipv6_mask <ipv6mask> − Specifies an IP address mask for the
destination IPv6 address.
port <portlist> − Specifies the port number on the Switch to permit, deny or mirror access for
the rule.
permit − Specifies the rule permit access for incoming packets on the previously specified
port.
priority <value 0-7> − Specifies that the access profile will apply to packets that contain this
value in their 802.1p priority field of their header for incoming packets on the previously
specified port.
{replace_priority} − Allows users to specify a new value to be written to the priority field of an
incoming packet on the previously specified port.
replace_dscp_with <value 0-63> − Allows users to specify a new value to be written to the
DSCP field of an incoming packet on the previously specified port.
replace_tos_precedence_with <value 0-7>– Specifies the packets that match the access
profile and that tos-precedence values will be changed by the Switch.
deny
− Specifies the rule will deny access for incoming packets on the previously specified
port.
mirror – Specifies the packets that match the access profile, copies it and sends the copied
one to the mirror port.
redirect - Specifies that packets matching the access rule are redirect to the interface.
egress_port - Specifies the redirect port.
<port> - Enter the redirect port number used here.
time_range – Specifies the time_range profile that has been associated with the ACL entries.
delete access_id <value 1-128> − Use this to remove a previously created access rule of a
profile ID. For information on number of rules that can be created for a given port, lease see
the introduction to this chapter.
Restrictions
Only Administrator and Operator-level users can issue this command.
Example usage:
To configure the access profile with the profile ID of 1 to filter frames on port 7 that have IP addresses in the
range between 10.42.73.0 to 10.42.73.255:
To Next Page
Loading...
