DGS-3710 Series Layer 2 Managed Gigabit Switch CLI Reference Guide
87
Chapter 6
Access Control List
(ACL) Commands
create access_profile profile_id
<value 1-12> profile_name <name 1-32> [ethernet {vlan {<hex
0x0-0x0fff>} | source_mac <macmask> | destination_mac <macmask> | 802.1p |
ethernet_type}(1) | ip {vlan {<hex 0x0-0x0fff>} | source_ip_mask <netmask> |
destination_ip_mask <netmask> | dscp | [icmp {type | code} | igmp {type} | tcp {src_port_mask
<hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff> | flag_mask [all | {urg | ack | psh | rst | syn |
fin}]} | udp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>} |
protocol_id_mask <hex 0x0-0xff> {user_define_mask <hex 0x0-0xffffffff>}]}(1) |
packet_content_mask {offset_chunk_1 <value 0-31> <hex 0x0-0xffffffff> | offset_chunk_2
<value 0-31> <hex 0x0-0xffffffff> | offset_chunk_3 <value 0-31> <hex 0x0-0xffffffff> |
offset_chunk_4 <value 0-31> <hex 0x0-0xffffffff>}(1) | ipv6 {[{class | flowlabel | [tcp
{src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>} | udp {src_port_mask
<hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>}]} | source_ipv6_mask <ipv6mask> |
destination_ipv6_mask <ipv6mask>]}(1)]
delete access_profile
[profile_id <value 1-12> | profile_name <name 1-32> | all]
config access_profile
[profile_id <value 1-12> | profile_name <name 1-32>] [add access_id
[auto_assign | <value 1-128>] [ethernet {[vlan <vlan_name 32> | vlan_id <vlanid 1-4094>]
{mask <hex 0x0-0x0fff>} | source_mac <macaddr> {mask <macmask>} | destination_mac
<macaddr> {mask <macmask>} | 802.1p <value 0-7> | ethernet_type <hex 0x0-0xffff>}(1) | ip
{[vlan <vlan_name 32> | vlan_id <vlanid 1-4094>] {mask <hex 0x0-0x0fff>} | source_ip
<ipaddr> {mask <netmask>} | destination_ip <ipaddr> {mask <netmask>} | dscp <value 0-63>
| [icmp {type <value 0-255> | code <value 0-255>} | igmp {type <value 0-255>} | tcp {src_port
<value 0-65535> {mask <hex 0x0-0xffff>} | dst_port <value 0-65535> {mask <hex 0x0-0xffff>}
| flag [all | {urg | ack | psh | rst | syn | fin}]} | udp {src_port <value 0-65535> {mask <hex 0x0-
0xffff>} | dst_port <value 0-65535> {mask <hex 0x0-0xffff>}} | protocol_id <value 0-255>
{user_define <hex 0x0-0xffffffff> {mask <hex 0x0-0xffffffff>}}]}(1) | packet_content
{offset_chunk_1 <hex 0x0-0xffffffff> | offset_chunk_2 <hex 0x0-0xffffffff> | offset_chunk_3
<hex 0x0-0xffffffff> | offset_chunk_4 <hex 0x0-0xffffffff>}(1) | ipv6 {[{class <value 0-255> |
flowlabel <hex 0x0-0xfffff> | [tcp {src_port <value 0-65535> {mask <hex 0x0-0xffff>} | dst_port
<value 0-65535> {mask <hex 0x0-0xffff>}} | udp {src_port <value0-65535> {mask <hex 0x0-
0xffff>} | dst_port <value 0-65535> {mask <hex 0x0-0xffff>}}]} | source_ipv6 <ipv6addr> {mask
<ipv6mask>} | destination_ipv6 <ipv6addr> {mask <ipv6mask>}]}(1)] [port [<portlist> | all] |
vlan_based [vlan <vlan_name 32> | vlan_id <vlanid 1-4094>]] [permit {priority <value 0-7>
{replace_priority} | [replace_dscp_with <value 0-63> | replace_tos_precedence_with <value 0-
7>] | counter [enable | disable]} | mirror | deny] {time_range <range_name 32>} | delete
access_id <value 1-128>]
show access_profile
{[profile_id <value 1-12> | profile_name <name 1-32>]}
config time_range
<range_name 32> [hours start_time <time hh:mm:ss> end_time <time
hh:mm:ss> weekdays <daylist> |delete ]
show time_range
show current_config access_profile
delete cpu access_profile
[profile_id <value 1-5> | all]
create cpu access_profile profile_id
<value 1-5> [ethernet {vlan | source_mac <macmask> |
destination_mac <macmask> | 802.1p | ethernet_type}(1) | ip {vlan | source_ip_mask
<netmask> | destination_ip_mask <netmask> | dscp | [icmp {type | code} | igmp {type} | tcp
{src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff> | flag_mask [all | {urg | ack
| psh | rst | syn | fin}]} | udp {src_port_mask <hex 0x0-0xffff> | dst_port_mask <hex 0x0-0xffff>}
| protocol_id_mask <hex 0x0-0xff> {user_define_mask <hex 0x0-0xffffffff>}]}(1) |
packet_content_mask {offset_0-15 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> | offset_16-31 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>
<hex 0x0-0xffffffff> | offset_32-47 <hex 0x0-0xffffffff> <hex 0x0-0xffffffff> <hex 0x0-0xffffffff>