D-Link DS-3550 Command Line Interface Reference Manual - page 143
135
create access_profile
•
flag_mask [ all | {urg | ack | psh | rst | syn | fin}] – Enter the
appropriate flag_mask parameter. All incoming packets have
TCP port numbers contained in them as the forwarding
criterion. These numbers have flag bits asscociated with them
which are parts of a packet that determine what to do with the
packet. The user may deny packets by denying certain flag bits
within the packets. The user may choose between all, urg
(urgent), ack (acknowledgement), psh (push), rst (reset), syn
(synchronize) and fin (finish).
•
udp
− Specifies that the switch will examine each frame’s
Universal Datagram Protocol (UDP) field.
•
src_port_mask
− Specifies a UDP port
mask for the source port.
•
dst_port_mask
− Specifies a UDP port
mask for the destination port.
•
protocol_id
− Specifies that the switch will examine each
frame’s Protocol ID field.
•
user_define_mask
− Specifies that the
rule applies to the IP protocol ID and the mask options behind
the IP header.
•
packet_content_mask – Specifies that the switch will mask the
packet header beginning with the offset value specified as
follows:
•
offset_0-15 – Enter a value in hex form to mask the packet
from the beginning of the packet to the 16
th
byte.
•
offset_16-31 - Enter a value in hex form to mask the packet
from byte 16 to byte 31.
•
offset_32-47 - Enter a value in hex form to mask the packet
from byte 32 to byte 47.
•
offset_48-63 - Enter a value in hex form to mask the packet
from byte 48 to byte 63.
•
offset_64-79- Enter a value in hex form to mask the packet
from byte 64 to byte 79.
port
all – denotes all ports on the switch.
profile_id
− Specifies an index number that will
identify the access profile being created with this command.
Restrictions
Only administrator-level users can issue this command.
Example usage:
To create an access list rules: