xStack DES-6500 Modular Layer 3 Chassis Ethernet Switch CLI Manual
config access_profile profile_id (IP)
packet to see if it will be either forwarded or filtered based on one or
more of the following:
•
vlan <vlan_name 32>
−
Specifies that the access profile will
apply to only to this VLAN.
•
source_ip <ipaddr>
−
Specifies that the access profile will
apply to only packets with this source IP address.
•
destination_ip <ipaddr>
−
Specifies that the access profile will
apply to only packets with this destination IP address.
•
dscp <value 0-63>
−
Specifies that the access profile will apply
only to packets that have this value in their Type-of-Service
(DiffServ code point, DSCP) field in their IP packet header.
•
icmp
−
Specifies that the Switch will examine the Internet
Control Message Protocol (ICMP) field within each packet.
•
type <value 0-255>
−
Specifies that the access profile will
apply to this ICMP type defined by a value between 0 and 255.
•
code <value 0-255>
−
Specifies that the access profile will
apply to this ICMP code defined by a value between 0 and
255.
•
igmp
−
Specifies that the Switch will examine the Internet
Group Management Protocol (IGMP) field within each packet.
•
type <value 0-255>
−
Specifies that the access profile will
apply to packets that have this IGMP type defined by a value
between 0 and 255..
•
tcp
−
Specifies that the Switch will examine the Transmission
Control Protocol (TCP) field within each packet.
•
src_port <value 0-65535>
−
Specifies that the access profile
will apply only to packets that have this TCP source port in
their TCP header.
•
dst_port <value 0-65535>
−
Specifies that the access profile
will apply only to packets that have this TCP destination port in
their TCP header.
•
flag_mask
– Enter the type of TCP flag to be masked. The
choices are:
•
urg
: TCP control flag (urgent)
•
ack
: TCP control flag (acknowledgement)
•
psh
: TCP control flag (push)
•
rst
: TCP control flag (reset)
•
syn
: TCP control flag (synchronize)
•
fin
: TCP control flag (finish)
•
udp
−
Specifies that the Switch will examine the Universal
Datagram Protocol (UDP) field in each packet.
•
src_port <value 0-65535>
−
Specifies that the access profile
will apply only to packets that have this UDP source port in
their header.
•
dst_port <value 0-65535>
−
Specifies that the access profile
will apply only to packets that have this UDP destination port in
218