D-Link 3324SRi Reference Manual - Page 233

config access_profile profile_id IP, config access_profile profile_id <value 1-8> [add access_id

Get D-Link 3324SRi - Switch - Stackable PDF manuals and user guides
UPC - 790069256042
View all D-Link 3324SRi manuals
Add to My Manuals
Save this manual to your list of manuals

Page 233 highlights

xStack Gigabit Layer 3 Switch Command Line Interface Manual DGS-3324SRi:4#create access_profile ip protocol_id profile_id 2 Command: create access_profile ip protocol_id profile_id 2 Success. DGS-3324SRi:4# config access_profile profile_id (IP) Purpose Syntax Description Parameters Used to configure the IP access profile on the Switch and to define specific values for the rules that will be used to by the Switch to determine if a given packet should be forwarded or filtered. Masks entered using the create access_profile command will be combined, using a logical AND operational method, with the values the Switch finds in the specified frame header fields. config access_profile profile_id [add access_id ip {vlan | source_ip | destination_ip | dscp | [icmp {type code } | igmp {type } | tcp {src_port | dst_port | urg | ack | psh | rst | syn | fin} | udp {src_port | dst_port } | protocol_id {user_define }]} port [permit {priority {replace_priority} | replace_dscp } | deny] delete ] This command is used to define the rules used by the Switch to either filter or forward packets based on the IP part of each packet header. profile_id - Enter an integer between 1 and 8 that is used to identify the access profile that will be configured with this command. This value is assigned to the access profile when it is created with the create access_profile command. The lower the profile ID, the higher the priority the rule will be given. add access_id - Adds an additional rule to the above specified access profile. The value specifies the relative priority of the additional rule. Up to 100 different rules may be configured for the IP access profile. ip − Specifies that the Switch will look into the IP fields in each packet to see if it will be either forwarded or filtered based on one or more of the following: • vlan − Specifies that the access profile will apply to only to this VLAN. • source_ip − Specifies that the access profile will apply to only packets with this source IP address. • destination_ip − Specifies that the access profile will apply to only packets with this destination IP address. • dscp − Specifies that the access profile will apply only to packets that have this value in their Type-of-Service (DiffServ code point, DSCP) field in their IP packet header. • icmp − Specifies that the Switch will examine the Internet 225

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
xStack Gigabit Layer 3 Switch Command Line Interface Manual
DGS-3324SRi:4#create access_profile ip protocol_id profile_id 2
Command: create access_profile ip protocol_id profile_id 2
Success.
DGS-3324SRi:4#
config access_profile profile_id (IP)
Purpose
Used to configure the IP access profile on the Switch and to define
specific values for the rules that will be used to by the Switch to
determine if a given packet should be forwarded or filtered. Masks
entered using the
create access_profile
command will be
combined, using a logical AND operational method, with the values
the Switch finds in the specified frame header fields.
Syntax
config access_profile profile_id <value 1-8> [add access_id
<value 1-100> ip {vlan <vlan_name 32> | source_ip <ipaddr> |
destination_ip <ipaddr> | dscp <value 0-63> | [icmp {type <value
0-255> code <value 0-255>} | igmp {type <value 0-255>} | tcp
{src_port <value 0-65535> | dst_port <value 0-65535> | urg | ack
| psh | rst | syn | fin} | udp {src_port <value 0-65535> | dst_port
<value 0-65535>} | protocol_id <value 0 - 255>
{user_define
<hex 0x0-0xffffffff>}]} port <port> [permit {priority <value 0-7>
{replace_priority} | replace_dscp <value 0-63>} | deny] delete
<value 1-100>]
Description
This command is used to define the rules used by the Switch to
either filter or forward packets based on the IP part of each packet
header.
Parameters
profile_id <value 1-8>
- Enter an integer between 1 and 8 that is
used to identify the access profile that will be configured with this
command. This value is assigned to the access profile when it is
created with the
create access_profile
command. The lower the
profile ID, the higher the priority the rule will be given.
add access_id <value 1-100>
- Adds an additional rule to the above
specified access profile. The value specifies the relative priority of
the additional rule. Up to 100 different rules may be configured for
the IP access profile.
ip
Specifies that the Switch will look into the IP fields in each
packet to see if it will be either forwarded or filtered based on one or
more of the following:
vlan <vlan_name 32>
Specifies that the access profile will
apply to only to this VLAN.
source_ip <ipaddr>
Specifies that the access profile will
apply to only packets with this source IP address.
destination_ip <ipaddr>
Specifies that the access profile will
apply to only packets with this destination IP address.
dscp <value 0-63>
Specifies that the access profile will apply
only to packets that have this value in their Type-of-Service
(DiffServ code point, DSCP) field in their IP packet header.
icmp
Specifies that the Switch will examine the Internet
225