D-Link 3324SRi Reference Manual - Page 229

xStack Gigabit Layer 3 Switch Command Line Interface Manual

create access_profile (for Ethernet)

<value 1-8>}

Description

This command will allow the user to create a profile for packets that

may be accepted or denied by the Switch by examining the Ethernet

part of the packet header. Specific values for rules pertaining to the

Ethernet part of the packet header may be defined by configuring the

config access_profile

command for Ethernet, as stated below.

Parameters

ethernet

- Specifies that the Switch will examine the layer 2 part of

each packet header with emphasis on one or more of the following:

profile_id <value 1-8>

- Specifies an index number between 1 and 8

that will identify the access profile being created with this command.

Restrictions

Only administrator-level users can issue this command.

•

vlan

−

Specifies that the Switch will examine the VLAN part of

each packet header.

•

source_mac <macmask>

−

Specifies a MAC address mask for

the source MAC address. This mask is entered in the following

hexadecimal format: 000000000000-FFFFFFFFFFFF

•

destination_mac <macmask>

−

Specifies a MAC address

mask for the destination MAC address in the following format:

000000000000-FFFFFFFFFFFF

•

802.1p

−

Specifies that the Switch will examine the 802.1p

priority value in the frame’s header.

•

ethernet_type

−

Specifies that the Switch will examine the

Ethernet type value in each frame’s header.

Example usage:

To create a Ethernet access profile:

DGS-3324SRi:4#create access_profile ethernet vlan 802.1p profile_id 1

Command: create access_profile ethernet vlan 802.1p profile_id 1

Success.

DGS-3324SRi:4#

config access_profile profile_id (for Ethernet)

Purpose

Used to configure the Ethernet access profile on the Switch and to

define specific values for the rules that will be used to by the Switch

to determine if a given packet should be forwarded or filtered. Masks

entered using the

create access_profile

command will be

combined, using a logical AND operational method, with the values

the Switch finds in the specified frame header fields.

Syntax

config access_profile profile_id <value 1-8> [add access_id

<value 1-100> [ethernet {vlan <vlan_name 32> | source_mac

<macaddr 000000000000-ffffffffffff> | destination_mac <macaddr

000000000000-ffffffffffff> | 802.1p <value 0-7> | ethernet_type

<hex 0x0-0xffff>} port <port> [permit {priority <value 0-7>

{replace_priority} | replace_dscp <value 0-63> } | deny] delete

221

Section	Page
Introduction	9
	9
	9
Accessing the Switch via the Serial Port	9
Setting the Switch’s IP Address	10
Using the Console CLI	12
	12
	12
Connecting to the Switch	12
Command Syntax	17
Basic Switch Commands	19
Switch Port Commands	34
Port Security Commands	37
Network Management (SNMP) Commands	40
Switch Utility Commands	62
Network Monitoring Commands	68
Multiple Spanning Tree Protocol (MSTP) Commands	85
Forwarding Database Commands	99
Broadcast Storm Control Commands	109
QoS Commands	111
Port Mirroring Commands	124
VLAN Commands	128
Link Aggregation Commands	138
IP Commands (Including IP Multinetting)	144
IGMP Commands (Including IGMP v3)	149
IGMP Snooping Commands	153
MAC Notification Commands	163
Access Authentication Control Commands	168
SSH Commands	193
SSL Commands	201
802.1X Commands	207
Access Control List (ACL) Commands	226
Traffic Segmentation Commands	244
Stacking Commands	247
D-Link Single IP Management Commands	251
Time and SNTP Commands	262
ARP Commands	269
VRRP Commands	273
Routing Table Commands	281
Route Redistribution Commands	285
BOOTP Relay Commands	292
DNS Relay Commands	296
RIP Commands	300
DVMRP Commands	303
PIM Commands	308
IP Multicasting Commands	312
MD5 Configuration Commands	314
OSPF Configuration Commands	317
Route Preference Commands	338
Jumbo Frame Commands	342
File System Commands	344
Command History List	352

D-Link 3324SRi Reference Manual - Page 229

create access_profile for Ethernet, config access_profile profile_id for Ethernet

Page 229 highlights