Filter
Top Products
DGS-3100 Series Gigabit Stackable Managed Switch CLI Manual
21
7
deny – Specifies that packets that do not match the access profile
are not permitted to be forwarded by the Switch and will be filtered.
time_range <range_name 32>} – Defines a time range
name.
Restrictions Only Administrator or operator-level users can issue this command.
Example usage:
To configure a rule for the Ethernet access profile:
DGS3100# config access profile profile_id 1 add access_id 1 ethernet vlan Trinity 802.1p 1
port 1 permit priority 1 replace priority 1
Success.
DGS3100#
config access_profile (for IPv4)
Purpose To configure the IP access profile on the Switch and to define
specific values for the rules that to be used to by the Switch to
determine if a given packet should be forwarded or filtered. Masks
entered using the create access_profile command will be
combined, using a logical AND operational method, with the values
the Switch finds in the specified frame header fields.
Syntax
config access_profile profile_id <value 1-15> [add access_id
[auto assign | <value 1-240>] [ip {source_ip <ipaddr> |
destination_ip <ipaddr> | dscp <value 0–63> | [icmp {type
<value 0-255> code <value 0-255>} | igmp {type <value 0-255>} |
tcp {src_port <value 0-65535> | dst_port <value 0-65535> |flag
{+ | –} {urg | ack | psh | rst | syn | fin } | udp {src_port <value 0-
65535> | dst_port <value 0-65535>}]} ports [<portlist> | <ch1-
32>] [permit {replace_priority <value 0-7> | replace_dscp <value
0-63> | rate_limit <value 64-1000000>} | deny] {time_range
<range_name 32>}
Description The config access_profile command defines the rules used by the
Switch to either filter or forward packets based on the IP part of each
packet header.
Parameters profile_id <value 1-15> – Specifies the access profile id to be
configured with this command. This value is assigned to the access
profile when it is created with the create access_profile command.
The lower the profile ID, the higher the priority the rule will be given.
add access_id <value 1-240> – Adds an additional rule to the above
specified access profile. The value specifies the relative priority of
the additional rule. Up to 240 different rules may be configured for
the IP access profile.
auto_assign – Configures the Switch to automatically assign
a numerical value (between 1 and 240) for the rule being
configured.
ip – Specifies that the Switch examine the IP fields in each packet to
determine if it will be either forwarded or filtered based on one or
more of the following:
source_ip <ipaddr> – Specifies that the access profile
applies only to packets with this source IP address.
destination_ip <ipaddr> – Specifies that the access profile