xStack
®
DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch CLI Manual
72
create cpu access_profile profile_id
Purpose
This command is used to create CPU access list profiles.
Syntax
create cpu access_profile profile_id <value 1-5> [ethernet {vlan | source_mac
<macmask 000000000000-ffffffffffff> | destination_mac <macmask 000000000000-
ffffffffffff> | ethernet_type} | ip {vlan | source_ip_mask <netmask> |
destination_ip_mask <netmask> | dscp | [icmp {type | code} | igmp {type} | tcp
{src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff> | flag_mask [all |
{urg | ack | psh | rst | syn | fin}]} | udp {src_port_mask <hex 0x0-0xffff> | dst_port_mask
<hex 0x0-0xffff>} | protocol_id_mask <hex 0x0-0xff> {user_define_mask <hex 0x0-
0xffffffff>}]} | packet_content_mask {offset_0-15 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_16-31 <hex 0x0-0xffffffff> <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff> <hex
0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_48-63 <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_64-79 <hex 0x0-
0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>} | ipv6 {[{class |
flowlabel} | source_ipv6_mask <ipv6mask> | destination_ipv6_mask <ipv6mask>]}]
Description
This command is used to create CPU access list profiles.
Parameters
<value 1-5>
- Specify a value between 1 and 5.
ethernet
- Specify an Ethernet CPU access control list rule.
vlan
- Specify a VLAN mask.
source_mac
- Specify the source MAC mask.
<macmask000000000000-ffffffffffff>
- Specify the source MAC mask.
destination_mac
- Specify the destination MAC mask.
<macmask 000000000000-ffffffffffff>
- Specify the destination MAC mask.
ethernet_type
- Specify the Ethernet type mask.
ip
- Specify an IP CPU access control list rule.
vlan
- Specify a VLAN mask.
source_ip_mask
- Specify an IP source submask.
<netmask>
- Specify an IP source submask.
destination_ip_mask
- Specify an IP destination submask.
<netmask>
- Specify an IP destination submask.
dscp
- Specify the DSCP mask.
icmp
- Specify that the rule applies to ICMP traffic.
type
- (Optional) Specify the ICMP packet type.
code
- (Optional) Specify the ICMP code.
igmp
- Specify that the rule applies to IGMP traffic.
type
- (Optional) Specify the IGMP packet type.
tcp
- Specify that the rule applies to TCP traffic.
src_port_mask
- (Optional) Specify the TCP source port mask.
<hex 0x0-0xffff>
- Specify the TCP source port mask.
dst_port_mask
- (Optional) Specify the TCP destination port mask.
<hex 0x0-0xffff>
- Specify the TCP destination port mask.
flag_mask
- (Optional) Specify the TCP flag field mask.
all
– Specify to check all paramenters below.
urg
- (Optional) Specify Urgent Pointer field significant.
ack
- (Optional) Specify Acknowledgment field significant.
psh
- (Optional) Specify Push Function.
rst
- (Optional) Specify to reset the connection.
syn
- (Optional) Specify to synchronize sequence numbers.
fin
- (Optional) No more data from sender.
udp
- Specify that the rule applies to UDP traffic.
src_port_mask
- (Optional) Specify the UDP source port mask.