Specifications

ManualsBrandsAllied Telesyn International Corp ManualsComputer equipmentAT-9724TS

181

182

183

184

185

186

187

188

189

190

config access_profile

Purpose Used to configure an access profile on the Switch and to define specific values that will be used to by the

Switch to determine if a given packet should be forwarded or filtered. Masks entered using the create

access_profile command will be combined, using a logical AND operation, with the values the Switch finds in

the specified frame header fields. Specific values for the rules are entered using the config access_profile

command, below.

Syntax <value 1-8> [add access_id <value 1-50> [ethernet {vlan <vlan_name 32> | source_mac

<macaddr> | destination_mac <macaddr> | 802.1p <value 0-7> | ethernet_type <hex 0x0-

0xffff> } | ip {vlan <vlan_name 32> | source_ip <ipaddr> | destination_ip <ipaddr> | dscp

<value 0-63> | [icmp {type <value 0-255> code <value 0-255>} | igmp {type <value 0-

255>} | tcp {src_port <value 0-65535> | dst_port <value 0-65535> | {urg | ack | psh | rst |

syn | fin} | udp {src_port <value 0-65535> | dst_port <value 0-65535>} | protocol_id <value

0 - 255> {user_define <hex 0x0-0xffffffff> }]} | packet_content {offset_0-15 <hex0x0-

0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> | offset_16-31

<hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> |

offset_32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff><hex 0x0-0xffffffff> <hex 0x0-

0xffffffff> | offset_48-63 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>

<hex 0x0-0xffffffff> | offset_64-79 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-

0xffffffff> <hex0x0-0xffffffff>}] [permit { priority <value 0-7> {replace_priority} |

replace_dscp <value 0-63> } | deny] | delete <value 1-50>]

Description The config access_profile command is used to configure an access profile on the Switch and to enter

specific values that will be combined, using a logical AND operation, with masks entered with the create

access_profile command, above.

Parameters profile_id <value 1-8> – Enter an integer between 1 and 8 that is used to identify the access profile that will be

deleted with this command.This value is assigned to the access profile when it is created with the create

access_profile command.The lower the profile ID, the higher the priority the rule will be given.

add access_id <value 1-50> – Adds an additional rule to the above specified access profile.The value specifies

the relative priority of the additional rule.

ethernet – Specifies that the Switch will look only into the layer 2 part of each packet.

vlan <vlan_name 32> – Specifies that the access profile will apply to only to this VLAN.

source_mac <macaddr> – Specifies that the access profile will apply to only packets with this source

MAC address. MAC entries may be made in the following form: in the following format:

000000000000-FFFFFFFFFFFF.

destination_mac <macaddr> – Specifies that the access profile will apply to only packets with this

destination MAC address in the following format: 000000000000-FFFFFFFFFFFF.

802.1p <value 0-7> – Specifies that the access profile will apply only to packets with this 802.1p

priority value.

ethernet_type <hex 0x0-0xffff> – Specifies that the access profile will apply only to packets with this

hexadecimal 802.1Q Ethernet type value in the packet header.

ip – Specifies that the Switch will look into the IP fields in each packet.

vlan <vlan_name 32> – Specifies that the access profile will apply to only to this VLAN.

source_ip <ipaddr> – Specifies that the access profile will apply to only packets with this source IP

address.

destination_ip <ipaddr> – Specifies that the access profile will apply to only packets with this

destination IP address.

dscp <value 0-63> – Specifies that the access profile will apply only to packets that have this value

in their Type-of-Service (DiffServ code point, DSCP) field in their IP packet header.

icmp – Specifies that the Switch will examine the Internet Control Message Protocol (ICMP) field

within each packet.

type <value 0-255> – Specifies that the access profile will apply to this ICMP type value.

code <value 0-255> – Specifies that the access profile will apply to this ICMP code.

gmp – Specifies that the Switch will examine the Internet Group Management Protocol (IGMP)

field within each packet.

type <value 0-255> – Specifies that the access profile will apply to packets that have this IGMP type

value.

tcp – Specifies that the Switch will examine the Transmission Control Protocol (TCP) field within

each packet.

src_port <value 0-65535> – Specifies that the access profile will apply only to packets that have this

TCP source port in their TCP header.

dst_port <value 0-65535> – Specifies that the access profile will apply only to packets that have this

TCP destination port in their TCP header.

flag_mask – Enter the type of TCP flag to be masked.The choices are:

urg:TCP control flag (urgent)

188

Allied Telesyn AT-9724TS High-Density Layer 3 Stackable Gigabit Ethernet Switch • Command Line Interface Reference Manual