D-Link DS-3550 Command Line Interface Reference Manual - (Acl) C
132
21
A
CCESS
C
ONTROL
L
IST
(ACL) C
OMMANDS
The DES-3550 implements Access Control Lists that enable the switch to deny network access to specific devices or device
groups based on IP settings or MAC address.
Command Parameters
create
access_profile
[ ethernet{ vlan | source_mac
source_ip_mask
dscp | [ icmp {type | code } | igmp {type } | tcp
{src_port_mask
flag_mask [all | {urg | ack | psh | rst | syn | fin}]} | udp
{src_port_mask
protocol_id_mask 0xffffffff> 0xffffffff> 0xffffffff> | offset_16-31 0x0-0xffffffff> 0xffffffff> offset_48-63 0xffffffff> 0x0-0xffffffff> 0xffffffff>}]{port[ delete access_profile profile_id config access_profile profile_id }| ip {vlan 0-65535> | dst_port psh | rst | syn | fin}]} | udp {src_port 0xffffffff> 0xffffffff> | offset_16-31 0x0-0xffffffff> 0xffffffff> offset_48-63 0xffffffff> 0x0-0xffffffff> permit{replace_priority_with show access_profile {profile_id Due to a chipset limitation, the switch currently supports a maximum of 9 access profiles, each containing a maximum of 50 rules − with the additional limitation of 50 rules total for all 9 access profiles. Access profiles allow you to establish criteria to determine whether or not the switch will forward packets based on the information contained in each packet’s header. These criteria can be specified on a VLAN-by-VLAN basis.