Specifications

ManualsBrandsEdge10 ManualsComputer equipmentC171

201

202

203

204

205

206

207

208

209

210

xStack DGS-3400 Series Layer 2 Gigabit Managed Switch CLI Manual

config cpu access_profile

Parameters

<portlist>| all - Enter the port or ports to which this access profile applies. The port list is

specified by listing the lowest switch number and the beginning port number on that switch,

separated by a colon. Then the highest switch number, and the highest port number of the

range (also separated by a colon) are specified. The beginning and end of the port list range

are separated by a dash. For example, 1:3 specifies switch number 1, port 3. 2:4 specifies

switch number 2, port 4. 1:3-2:4 specifies all of the ports between switch 1, port 3 and switch

2, port 4 − in numerical order. Entering all will denote all profiles on the switch or in the

switch stack. Non-contiguous portlist entries are separated by a comma. (ex: 1:1-1:3,1:7-1:9)

permit | deny – Specify that the packet matching the criteria configured with command will

either be permitted entry to the cpu or denied entry to the CPU.

{time_range <range_name 32>} – Choose this parameter and enter the name of the Time

Range settings that has been previously configured using the config time_range command.

This will set specific times when this access rule will be enabled or disabled on the Switch.

delete access_id <value 1-100> - Use this to remove a previously created access rule in a

profile ID.

Restrictions Only administrator-level users can issue this command.

• type <value 0-255> − Specifies that the access profile will apply to this ICMP

type value.

• code <value 0-255> − Specifies that the access profile will apply to this ICMP

code.

• igmp − Specifies that the Switch will examine the Internet Group Management

Protocol (IGMP) field within each packet.

• type <value 0-255> − Specifies that the access profile will apply to packets that

have this IGMP type value.

• tcp − Specifies that the Switch will examine the Transmission Control Protocol (TCP)

field within each packet.

• src_port <value 0-65535> − Specifies that the access profile will apply only to

packets that have this TCP source port in their TCP header.

• dst_port <value 0-65535> − Specifies that the access profile will apply only to

packets that have this TCP destination port in their TCP header.

• udp − Specifies that the Switch will examine the Transmission Control Protocol

(TCP) field within each packet.

• src_port <value 0-65535> − Specifies that the access profile will apply only to

packets that have this UDP source port in their header.

• dst_port <value 0-65535> − Specifies that the access profile will apply only to

packets that have this UDP destination port in their header.

• protocol_id <value 0-255> − Specifies that the Switch will examine the protocol field

in each packet and if this field contains the value entered here, apply the following

rules.

• user_define_mask <hex 0x0-0xffffffff> − Specifies that the rule applies to the IP

protocol ID and the mask options behind the IP header.

• packet_content_mask – Specifies that the Switch will mask the packet header

beginning with the offset value specified as follows:

• offset_0-15 - Enter a value in hex form to mask the packet from byte 0 to byte 15.

• offset_16-31 - Enter a value in hex form to mask the packet from byte 16 to byte 31.

• offset_32-47 - Enter a value in hex form to mask the packet from byte 32 to byte 47.

• offset_48-63 - Enter a value in hex form to mask the packet from byte 48 to byte 63.

• offset_64-79 - Enter a value in hex form to mask the packet from byte 64 to byte 79.

Example usage:

To configure CPU access list entry:

198