D-Link DES-3200 Switch User Manual


 
xStack® DES-3200 Series Layer 2 Ethernet Managed Switch CLI Reference Guide
211
config access_profile
type – Specifies that the Switch will examine each frame’s IGMP Type field.
tcp Specifies that the Switch will examine the Transmission Control Protocol (TCP) field
within each packet.
src_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this TCP source port in their TCP header.
dst_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this TCP destination port in their TCP header.
flag – Enter the type of TCP flag to be matched.
all: all flags are selected.
urg: TCP control flag (urgent)
ack: TCP control flag (acknowledgement)
psh: TCP control flag (push)
rst: TCP control flag (reset)
syn: TCP control flag (synchronize)
fin: TCP control flag (finish)
udp Specifies that the Switch will examine the Universal Datagram Protocol (UDP) field in
each packet.
src_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this UDP source port in their header.
dst_port <value 0-65535> Specifies that the access profile will apply only to packets that
have this UDP destination port in their header.
protocol_id <value 0-255> Specifies that the Switch will examine the protocol field in each
packet and if this field contains the value entered here, apply the following rules.
ipv6 - Specifies IPv6 filtering mask.
class Specifies the IPv6 class.
flowlabel – Specifies the IPv6 flow label.
source_ipv6_mask – Specifies an IPv6 source address.
src_port_mask – Specifies an IPv6 L4 (TCP/UDP) source port submask.
dst_port_mask Specifies an IPv6 L4 (TCP/UDP) destination port submask.
packet_content – A maximum of 11 offsets can be specified. Each offset defines two bytes of
data, which is identified as a single UDF field. The offset reference is also configurable. It can
be defined to start at the end of a tag, the end of an ether type or the end of an IP header. To
qualify the fields before the end of a tag, the destination address, source address, and the
VLAN tags are also included.
source_mac – Specifies that the access profile will only apply to packets with this source MAC
address.
destination_mac – Specifies that the access profile will only apply to packets with this
destination MAC address.
c_tag – Specifies the 16-bit inner VLAN tag of the packet to match. This constitutes the 3-bit
PCP, 1-bit CFI and 12-bit VID fields.
s_tag – Specifies the 16-bit outer VLAN tag of the packet to match. This constitutes the 3-bit
PCP, 1-bit CFI and 12-bit VID fields.
offset1 offset11 – Specifies the data to match for each match UDF field data defined in the
profile.
Example: If offset1 defined as “offset1 0 L2 0x00FF” is defined in the profile, and in this
command the data specified is “offset1 0x00AA”, then the switch will look at the second byte of
the ether type. If the byte matches 0xAA, then the device will process the packet according to
the configured action.
Parameters
port <portlist> Specifies the port number on the Switch to permit or deny access for the
rule. The user can also configure “all” to specify all ports.
permit Specifies that packets that match the access profile are permitted to be forwarded by
the Switch.
priority <value 0-7>
This parameter is specified if you want to re-write the 802.1p user priority