Support User Manuals

D-Link DGS-3100 Switch User Manual

Open as PDF

of 242

DGS-3100 Series Gigabit Stackable Managed Switch CLI Manual

21

4

 udp – Specifies that the Switch examines each frame’s

protocol field and it’s value must be 17 (User Datagram

Protocol-UDP) in order for the action to take place..

 src_port_mask <hex 0x0-0xffff> – Specifies a UDP port

mask for the source port.

 dst_port_mask <hex 0x0-0xffff> – Specifies a UDP port

mask for the destination port.

Restrictions Only administrator or operate-level users can issue this command.

Example usage:

To create an IP access profile:

DGS3100# create access_profile profile_id 2 ip source_ip_mask 20.0.0.0

destination_ip_mask 10.0.0.0 dscp icmp type

Success.

DGS3100#

create access_profile (for IPv6)

Purpose To create an access profile on the Switch by examining the IP part

of the packet header. Masks entered are combined with the values

the Switch finds in the specified frame header fields. Specific values

for the rules are entered using the config access_profile

command, below.

Syntax

profile_id <value 1-15> ip [ icmp { type | code } | tcp

{ src_port_mask < hex 0x0–0xffff > | dst_port_msk <hex 0x0-

0xffff> | flag_mask }{+ | –} {urg | ack | psh | rst | syn | fin }} | udp

{ src_port_mask < hex 0x0–0xffff > | dst_port_msk <hex 0x0-

0xffff> } ] { source_ip_mask <netmask> | destination_ip_mask

<netmask> | class }

Description The create access_profile command creates a profile for packets

that may be accepted or denied by the Switch by examining the IP

part of the packet header. Specific values for rules pertaining to the

IP part of the packet header may be defined by configuring the

config access_profile command for IP, as stated below.

Parameters profile_id <value 1-15> – Specifies an index number between 1 and

15 that identifies the access profile being created with this

command.

ip – Specifies that the Switch examines the IP fields in each packet

with special emphasis on one or more of the following:

source_ip_mask <netmask> – Specifies an IP address mask for the

source IP address.

destination_ip_mask <netmask> – Specifies an IP address mask for

the destination IP address.

Class – Specifies that the Switch examines the DiffServ Code Point

(CLASS) field in each frame’s header.

icmp – Specifies that the Switch examines the Protocol field in each

frame’s IP header , and that the value must be 1 (Internet Control

Message Protocol- ICMP) for the action to take place.

type – Specifies that the Switch examines each frame’s ICMP Type

field.

code – Specifies that the Switch examines each frame’s ICMP Code

previous next