D-Link 3312SR Reference Manual - Page 195

Datagram Protocol UDP field., Protocol ID field.

Get D-Link 3312SR - Switch PDF manuals and user guides
UPC - 790069263873
View all D-Link 3312SR manuals
Add to My Manuals
Save this manual to your list of manuals

Page 195 highlights

DGS-3312SR Layer 3 Gigabit Switch create access_profile Restrictions • flag_mask [ all | {urg | ack | psh | rst | syn | fin}] - Enter the appropriate flag_mask parameter. All incoming packets have TCP port numbers contained in them as the forwarding criterion. These numbers have flag bits associated with them which are parts of a packet that determine what to do with the packet. The user may deny packets by denying certain flag bits within the packets. The user may choose between all, urg (urgent), ack (acknowledgement), psh (push), rst (reset), syn (synchronize) and fin (finish). • udp − Specifies that the switch will examine each frame's Universal Datagram Protocol (UDP) field. • src_port_mask − Specifies a UDP port mask for the source port. • dst_port_mask − Specifies a UDP port mask for the destination port. • protocol_id − Specifies that the switch will examine each frame's Protocol ID field. • user_define_mask − Specifies that the rule applies to the IP protocol ID and the mask options behind the IP header. • packet_content_mask - Specifies that the switch will mask the packet header beginning with the offset value specified as follows: • offset_0-15 - Enter a value in hex form to mask the packet from the beginning of the packet to the 16th byte. • offset_16-31 - Enter a value in hex form to mask the packet from byte 16 to byte 31. • offset_32-47 - Enter a value in hex form to mask the packet from byte 32 to byte 47. • offset_48-63 - Enter a value in hex form to mask the packet from byte 48 to byte 63. • offset_64-79 - Enter a value in hex form to mask the packet from byte 64 to byte 79. port - Specifies a port or range of ports to be configured. The port list is specified by listing the lowest switch number and the beginning port number on that switch, separated by a colon. Then the highest switch number, and the highest port number of the range (also separated by a colon) are specified. The beginning and end of the port list range are separated by a dash. For example, 1:3 specifies switch number 1, port 3. 2:4 specifies switch number 2, port 4. 1:3-2:4 specifies all of the ports between switch 1, port 3 and switch 2, port 4 − in numerical order. all - denotes all ports on the switch. profile_id − Specifies an index number that will identify the access profile being created with this command. Only administrator-level users can issue this command. Example usage: To create an access profile that will deny service to the subnet ranging from 10.42.73.0 to 10.42.73.255: 189

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
DGS-3312SR Layer 3 Gigabit Switch
189
create access_profile
flag_mask [ all | {urg | ack | psh | rst | syn | fin}]
– Enter the
appropriate flag_mask parameter. All incoming packets have TCP
port numbers contained in them as the forwarding criterion. These
numbers have flag bits associated with them which are parts of a
packet that determine what to do with the packet. The user may
deny packets by denying certain flag bits within the packets. The
user may choose between
all
,
urg
(urgent),
ack
(acknowledgement),
psh
(push),
rst
(reset),
syn
(synchronize) and
fin
(finish).
udp
Specifies that the switch will examine each frame’s Universal
Datagram Protocol (UDP) field.
src_port_mask <hex 0x0-0xffff>
Specifies a UDP port mask for
the source port.
dst_port_mask <hex 0x0-0xffff>
Specifies a UDP port mask for
the destination port.
protocol_id
Specifies that the switch will examine each frame’s
Protocol ID field.
user_define_mask <hex 0x0-0xffffffff>
Specifies that the rule
applies to the IP protocol ID and the mask options behind the IP
header.
packet_content_mask
– Specifies that the switch will mask the
packet header beginning with the offset value specified as follows:
offset_0-15
– Enter a value in hex form to mask the packet from
the beginning of the packet to the 16
th
byte.
offset_16-31
- Enter a value in hex form to mask the packet from
byte 16 to byte 31.
offset_32-47
- Enter a value in hex form to mask the packet from
byte 32 to byte 47.
offset_48-63
- Enter a value in hex form to mask the packet from
byte 48 to byte 63.
offset_64-79
- Enter a value in hex form to mask the packet from
byte 64 to byte 79.
port <portlist>
- Specifies a port or range of ports to be configured. The
port list is specified by listing the lowest switch number and the beginning
port number on that switch, separated by a colon. Then the highest switch
number, and the highest port number of the range (also separated by a
colon) are specified. The beginning and end of the port list range are
separated by a dash. For example, 1:3 specifies switch number 1, port 3.
2:4 specifies switch number 2, port 4. 1:3-2:4 specifies all of the ports
between switch 1, port 3 and switch 2, port 4
in numerical order.
all
– denotes all ports on the switch.
profile_id <value 1-255>
Specifies an index number that will identify the
access profile being created with this command.
Restrictions
Only administrator-level users can issue this command.
Example usage:
To create an access profile that will deny service to the subnet ranging from 10.42.73.0 to 10.42.73.255: