Filter
Top Products
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual
187
create access_profile
<hex
0x0
-
0xffff> | dst_port_mask
<hex
0x0
-
0xffff>} | protocol_id_mask
<hex 0x0
-
0xFF> {user_define_mask <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff>}]} | packet_content_mask {offset_0-15
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> |
offset_16-31 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> | offset_48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_64-79 <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>}] [profile_id <value 1-255>]
Description
The create access_profile command is used to create an access profile on the Switch and
to define which parts of each incoming frame’s header the Switch will examine. Masks can
be entered that will be combined with the values the Switch finds in the specified frame
header fields. Specific values for the rules are entered using the config access_profile
command, below.
Parameters
ethernet − Specifies that the Switch will examine the layer 2 part of each packet header.
vlan − Specifies that the Switch will examine the VLAN part of each packet header.
source_mac <macmask> − Specifies a MAC address mask for the source MAC address.
This mask is entered in a hexadecimal format.
destination_mac <macmask> − Specifies a MAC address mask for the destination MAC
address.
802.1p − Specifies that the Switch will examine the 802.1p priority value in the frame’s
header.
ethernet_type − Specifies that the Switch will examine the Ethernet type value in each
frame’s header.
ip − Specifies that the Switch will examine the IP address in each frame’s header.
vlan − Specifies a VLAN mask.
source_ip_mask <netmask> − Specifies an IP address mask for the source IP address.
destination_ip_mask <netmask> − Specifies an IP address mask for the destination IP
address.
dscp − Specifies that the Switch will examine the DiffServ Code Point (DSCP) field in each
frame’s header.
icmp − Specifies that the Switch will examine the Internet Control Message Protocol
(ICMP) field in each frame’s header.
• type − Specifies that the Switch will examine each frame’s ICMP Type
field.
• code − Specifies that the Switch will examine each frame’s ICMP Code
field.
igmp − Specifies that the Switch will examine each frame’s Internet Group Management
Protocol (IGMP) field.
• type − Specifies that the Switch will examine each frame’s IGMP Type
field.
• tcp − Specifies that the Switch will examine each frames Transport Control
Protocol (TCP) field.
src_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the source port.
dst_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the destination port.
flag_mask – Enter the appropriate flag_mask parameter. All incoming packets have TCP
port numbers contained in them as the forwarding criterion. These numbers have flag
bits associated with them which are parts of a packet that determine what to do with
the packet. The user may deny packets by denying certain flag bits within the packets.
The user may choose between all, urg (urgent), ack (acknowledgement), psh (push),
rst (reset), syn (synchronize) and fin (finish).
udp − Specifies that the Switch will examine each frame’s Universal Datagram Protocol
(UDP) field.