D-Link DES-3828 Product Manual - Page 154

xStack DES-3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual

150

config access_profile profile_id (for Ethernet)

delete access_id <value 1-65535>

−

Use this command to delete a specific rule

from the Ethernet profile. Up to 65535 rules may be specified for the Ethernet

access profile.

Restrictions

Only Administrator or Operator-level users can issue this command.

Example usage:

To configure a rule for the Ethernet access profile:

DES-3800:admin#config access profile profile_id 1 add access_id 1

ethernet vlan Trinity 802.1p 1 port 1 permit priority 1 replace

priority

Command: config access profile profile_id 1 add access_id 1

ethernet vlan Trinity 802.1p 1 port 1 permit priority 1 replace

priority

Success.

DES-3800:admin#

create access_profile (IP)

Purpose

Used to create an access profile on the Switch by examining the IP part of the

packet header. Masks entered can be combined with the values the Switch finds in

the specified frame header fields. Specific values for the rules are entered using the

config access_profile

command, below.

Syntax

create access_profile ip {vlan | source_ip_mask <netmask> |

destination_ip_mask <netmask> | dscp | [icmp {type | code} | igmp {type} |

tcp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff> |

flag_mask [all | {urg | ack | psh | rst | syn | fin}]} | udp {src_port_mask <hex

0x0-0xffff> | dst_port_mask <hex 0x0-xffff>} | protocol_id_mask

{user_define_mask <hex 0x0-0xffffffff> <hex 0x0-0xffffffff><hex 0x0-0xffffffff>

<hex 0x0-0xffffffff> <hex 0x0-0xffffffff>}]} profile_id <value 1-255>}

Description

This command will allow the user to create a profile for packets that may be

accepted, denied or mirrored by the Switch by examining the IP part of the packet

header. Specific values for rules pertaining to the IP part of the packet header may

be defined by configuring the

config access_profile

command for IP, as stated

below.

Parameters

ip

- Specifies that the Switch will look into the IP fields in each packet with special

emphasis on one or more of the following:

•

vlan

−

Specifies a VLAN mask.

•

source_ip_mask <netmask>

−

Specifies an IP address mask for the source IP

address.

•

destination_ip_mask <netmask>

−

Specifies an IP address mask for the

destination IP address.

•

dscp

−

Specifies that the Switch will examine the DiffServ Code Point (DSCP)

field in each frame’s header.

•

icmp

−

Specifies that the Switch will examine the Internet Control Message

Protocol (ICMP) field in each frame’s header.

type

−

Specifies that the Switch will examine each frame’s ICMP

Type field.

code

−

Specifies that the Switch will examine each frame’s ICMP

Code field.

•

igmp

−

Specifies that the Switch will examine each frame’s Internet Group

Management Protocol (IGMP) field.

Section	Page
INTRODUCTION	5
Using the Console CLI	7
Command Syntax	11
Basic Switch Commands	13
Switch Port Commands	31
SNMP V3	35
PoE Commands	49
Network Management Commands	54
Switch Utility Commands	62
Network Monitoring Commands	73
Layer 2 FDB Commands	86
Packet Storm Control Commands	94
QoS Commands	98
Mirror Configuration Commands	106
VLAN Commands	109
Link Aggregation Commands	123
IGMP Snooping Commands	127
802.1X Commands (Including Guest VLANs)	135
Access Control List (ACL) Commands	148
Traffic Segmentation Commands	168
Command List History	170
Basic IP Commands (For Layer 3)	173
ARP Commands	178
Routing Table Commands	182
Route Redistribution Commands	185
RIP Commands	191
IGMP Commands	195
Auto Config Commands V3	199
DNS Relay Commands	201
DVMRP Commands	205
IP Multicasting Commands	210
MD5 Commands	213
OSPF Configuration Commands	215
Time and SNTP Commands	232
Port Security Commands	238
MAC Notification Commands	242
SSH Commands	246
Jumbo Frame Commands	254
Access Authentication Control Commands	256
D-Link Single IP Management Commands	279
Multiple Spanning Tree Protocol (MSTP) Commands	289
SSL Commands	301
VRRP Commands	307
System Severity	316
DHCP Relay	318
IP-MAC Binding Commands	324
LACP Configuration Commands	338
CPU Interface Filtering (Software ACL) Commands	340
Modify Prompt and Banner Commands	348
Safeguard Engine	351
WRED Command List	353
Web-based Access Control (WAC) Commands	357
Double VLAN Command List	363
Limited Multicast IP Address Commands	368
Route Preference Commands	373
MAC-Based Access Control Commands	376
PIM Commands	385
Loopback Interface Commands	402
DHCP Server Command List	405
MLD Snooping Commands	421
Loopback Detection Commands	428
Password Recovery Commands	433
Multicast VLAN Commands	436
CPU Filtering Commands List	439
Broadcast Segmentation Commands	441
Technical Specifications	443

D-Link DES-3828 Product Manual - Page 154

config access_profile profile_id for Ethernet, create access_profile IP, Type field.

Page 154 highlights