D-Link DES-3852 Product Manual - Page 155

xStack DES-3800 Series Layer 3 Stackable Fast Ethernet Managed Switch CLI Manual

151

create access_profile (IP)

type

−

Specifies that the Switch will examine each frame’s IGMP

Type field.

•

tcp

−

Specifies that the Switch will examine each frames Transport Control

Protocol (TCP) field.

src_port_mask <hex 0x0-0xffff>

−

Specifies a TCP port mask for

the source port.

dst_port_mask <hex 0x0-0xffff>

−

Specifies a TCP port mask for

the destination port.

flag_mask [all | {urg | ack | psh | rst | syn | fin}]

– Enter the

appropriate flag_mask parameter. All incoming packets have

TCP port numbers contained in them as the forwarding

criterion. These numbers have flag bits associated with them

which are parts of a packet that determine what to do with the

packet. The user may deny packets by denying certain flag

bits within the packets. The user may choose between

all

,

urg

(urgent),

ack

(acknowledgement),

psh

(push),

rst

(reset),

syn

(synchronize) and

fin

(finish).

•

udp

−

Specifies that the Switch will examine each frame’s User Datagram

Protocol (UDP) field.

src_port_mask <hex 0x0-0xffff>

−

Specifies a UDP port mask for

the source port.

dst_port_mask <hex 0x0-0xffff>

−

Specifies a UDP port mask for

the destination port.

•

protocol_Id_mask

−

Specifies that the Switch will examine each frame’s

Protocol ID field.

user_define_mask <hex 0x0-0xfffffff>

−

Enter a hexidecimal value

that will identify the protocol to be discovered in the packet

header.

profile_id <value 1-255>

- Specifies an index number between 1 and 255 that will

identify the access profile being created with this command.

Restrictions

Only Administrator or Operator-level users can issue this command.

Example usage:

To configure a rule for the IP access profile:

DES-3800:admin#create access_profile ip protocol_id

profile_id 2

Command: create access_profile ip protocol_id profile_id 2

Success.

DES-3800:admin#

config access_profile profile_id (IP)

Purpose

Used to configure the IP access profile on the Switch and to define specific values

for the rules that will be used to by the Switch to determine if a given packet should

be forwarded, filtered or mirrored. Masks entered using the

create access_profile

command will be combined, using a logical AND operational method, with the values

the Switch finds in the specified frame header fields.

Syntax

config access_profile profile_id <value 1-255> [add access_id [auto_assign |

<value 1-65535>] ip {vlan <vlan_name 32> | source_ip <ipaddr> | destination_ip

<ipaddr> | dscp <value 0-63> | [icmp {type <value 0-255> code <value 0-255>} |

igmp {type <value 0-255>} | tcp {src_port <value 0-65535> | dst_port <value 0-

65535> | urg | ack | psh | rst | syn | fin} | udp {src_port <value 0-65535> |

dst_port <value 0-65535>} | protocol_id <value 0 - 255>

{user_define <hex 0x0-

Section	Page
INTRODUCTION	5
Using the Console CLI	7
Command Syntax	11
Basic Switch Commands	13
Switch Port Commands	31
SNMP V3	35
PoE Commands	49
Network Management Commands	54
Switch Utility Commands	62
Network Monitoring Commands	73
Layer 2 FDB Commands	86
Packet Storm Control Commands	94
QoS Commands	98
Mirror Configuration Commands	106
VLAN Commands	109
Link Aggregation Commands	123
IGMP Snooping Commands	127
802.1X Commands (Including Guest VLANs)	135
Access Control List (ACL) Commands	148
Traffic Segmentation Commands	168
Command List History	170
Basic IP Commands (For Layer 3)	173
ARP Commands	178
Routing Table Commands	182
Route Redistribution Commands	185
RIP Commands	191
IGMP Commands	195
Auto Config Commands V3	199
DNS Relay Commands	201
DVMRP Commands	205
IP Multicasting Commands	210
MD5 Commands	213
OSPF Configuration Commands	215
Time and SNTP Commands	232
Port Security Commands	238
MAC Notification Commands	242
SSH Commands	246
Jumbo Frame Commands	254
Access Authentication Control Commands	256
D-Link Single IP Management Commands	279
Multiple Spanning Tree Protocol (MSTP) Commands	289
SSL Commands	301
VRRP Commands	307
System Severity	316
DHCP Relay	318
IP-MAC Binding Commands	324
LACP Configuration Commands	338
CPU Interface Filtering (Software ACL) Commands	340
Modify Prompt and Banner Commands	348
Safeguard Engine	351
WRED Command List	353
Web-based Access Control (WAC) Commands	357
Double VLAN Command List	363
Limited Multicast IP Address Commands	368
Route Preference Commands	373
MAC-Based Access Control Commands	376
PIM Commands	385
Loopback Interface Commands	402
DHCP Server Command List	405
MLD Snooping Commands	421
Loopback Detection Commands	428
Password Recovery Commands	433
Multicast VLAN Commands	436
CPU Filtering Commands List	439
Broadcast Segmentation Commands	441
Technical Specifications	443

D-Link DES-3852 Product Manual - Page 155

create access_profile IP, config access_profile profile_id IP

Page 155 highlights