Filter
Top Products
DGS-3100 Series Gigabit Stackable Managed Switch CLI Manual
21
1
35
ACCESS CONTROL LIST COMMANDS
The Access Control List commands in the Command Line Interface (CLI) are listed (along with the
appropriate parameters) in the following table.
Command Parameter
create access_profile
(for Ethernet)
profile_id <value 1-15> [ethernet {vlan | source_mac <macmask 000000000000-
ffffffffffff> |destination_mac <macmask 000000000000-ffffffffffff> | 802.1p |
ethernet_type}]
create access_profile
(for IPv4)
profile_id <value 1–15> ip [ icmp { type | code } | igmp { type } | tcp
{ src_port_mask < hex 0x0–0xffff > | dst_port_msk <hex 0x0–0xffff> |
flag_mask }}{+ | –} {urg | ack | psh | rst | syn | fin }} | udp { src_port_mask < hex
0x0–0xffff > | dst_port_msk <hex 0x0–0xffff> } ] { source_ip_mask <netmask> |
destination_ip_mask <netmask> | dscp }
create access_profile
(for IPv6)
profile_id <value 1-15> ip [ icmp { type | code } | tcp { src_port_mask < hex 0x0–
0xffff > | dst_port_msk <hex 0x0-0xffff> | flag_mask }{+ | –} {urg | ack | psh | rst |
syn | fin }} | udp { src_port_mask < hex 0x0–0xffff > | dst_port_msk <hex 0x0-
0xffff> } ] { source_ip_mask <netmask> | destination_ip_mask <netmask> |
class }
config access_profile
(for Ethernet)
profile_id <value 1-15> [add access_id [auto assign | <value 1-240>] [Ethernet
{vlan <vlan_name 32> | source_mac <macaddr 000000000000-ffffffffffff> |
destination_mac <macaddr 000000000000-ffffffffffff> | 802.1p <value 0-7> |
ethernet_type <hex 0x0-0xffff>} ports <portlist> [permit {replace_priority <value
0-7> | replace_dscp <value 0-63> | rate_limit <value 64-1000000>} | deny]
{time_range <range_name 32>}
config access_profile
(for IPv4)
profile_id <value 1-15> [add access_id [auto assign | <value 1-240>] [ip
{source_ip <ipaddr> | destination_ip <ipaddr> | dscp <value 0-63> | [icmp {type
<value 0-255> code <value 0-255>} | igmp {type <value 0–255>} | tcp {src_port
<value 0-65535> | dst_port <value 0-65535> | flag flag {+ | –} {urg | ack | psh |
rst | syn | fin }} | udp {src_port <value 0-65535> | dst_port <value 0–65535>}]}
ports <portlist> [permit {replace_priority <value 0-7> | replace_dscp <value 0–
63> | rate_limit <value 64-1000000>} | deny] {time_range <range_name 32>}
config access_profile
(for IPv6)
profile_id <value 1-15> [add access_id [auto assign | <value 1-240>] [ip
{source_ip <ipaddr> | destination_ip <ipaddr> | class <value 0–63> | [icmp {type
<value 0-255> code <value 0-255>}| tcp {src_port <value 0-65535> | dst_port
<value 0-65535> |flag {+ | –} {urg | ack | psh | rst | syn | fin } | udp {src_port
<value 0-65535> | dst_port <value 0-65535>}]} ports [<portlist> | <ch1-32>]
[permit {replace_priority <value 0-7> | replace_class <value 0-63> | rate_limit
<value 64-1000000>} | deny] {time_range <range_name 32>}
config access_profile profile_id <value 1-15> delete access_id <value 1-240>
delete access_profile profile_id <value 1-15>
show access_profile {profile_id <value 1-15>}
config time–range
<range_name 32> [hours start_time <time hh:mm> end_time <time hh:mm>
weekdays <daylist> | delete]
show time–range