xStack
®
DGS-3400 Series Layer 2 Gigabit Managed Switch CLI Manual
217
create access_profile (packet content )
Purpose Used to create an access profile on the Switch by examining the Ethernet part of the
packet header. Packet content masks entered will specify certain bytes of the packet
header to be identified by the Switch. When the Switch recognizes a packet with the
identical byte as the one configured, it will either forward or filter the packet, based on the
users command. Specific values for the rules are entered using the config
access_profile command, below.
Syntax
create access_profile profile_id <value 1-6> packet_content_mask {offset_chunk_1
<value 0-31> <hex 0x0-0xffffffff> | offset_chunk_2 <value 0-31> <hex 0x0-0xffffffff> |
offset_chunk_3 <value 0-31> <hex 0x0-0xffffffff> | offset_chunk_4 <value 0-31>
<hex 0x0-0xffffffff>} (1)
Description This command is used to identify packets by examining the Ethernet packet header, by
byte and then decide whether to filter or forward it, based on the user’s configuration. The
user will specify which bytes to examine by entering them into the command, in hex form,
and then selecting whether to filter or forward them, using the config access_profile
command.
Parameters packet_content_mask – The offset field is used to examine the packet header which is
divided up into four “chunks” where each chunk represents 4 bytes. Values within the
packet header chunk to be identified are to be marked in hexadecimal form in the “mask”
field. The following table will help you identify the bytes in the respective chunks.
chunk0
chunk1 chunk2…….chunk29 chunk30 chunk31
b126 b2 b6 b114 b118 b122
b127 b3 b7 b115 b119 b123
b1 b4 b8 b116 b120 b124
b0 b5 b9 b117 b121 b125
Check the box of the chunk, from 1 to 4, you wish to examine and then enter the
hexadecimal value in the mask field.
profile_id <value 1-6> − Specifies an index number between 1 and 6 that will identify the
access profile being created with this command.
Restrictions Only Administrator and Operator-level users can issue this command.
Example usage:
To create an access profile by packet content mask:
DGS-3627:5#create access
profile packet
content
mask offset
chunk
1 1
0xFFFFFFFF profile_id 3
Command: create access_profile packe
content
mask offset
chunk
1 1 0xFFFFFFFF
profile_id 3
Success.
DGS-3627:5#
config access_profile profile_id (packet content)
Purpose To configure the rule for a previously created access profile command based on the
packet content mask. Packet content masks entered will specify certain bytes of the
packet header to be identified by the Switch. When the Switch recognizes a packet with
the identical byte as the one configured, it will either forward or filter the packet, based on
the users command entered here.
Syntax
config access_profile profile_id <value 1-6> [add access_id <value 1-128>
packet_content {offset_chunk_1 <hex 0x0-0xffffffff> | offset_chunk_2 <hex 0x0-
0xffffffff> | offset_chunk_3 <hex 0x0-0xffffffff> | offset_chunk_4 <hex 0x0-
0xffffffff>} (1) port [<portlist> | all] [permit {priority <value 0-7> {replace_priority} |
rx_rate {no_limit | <value 1-156249>]} | replace_dscp <value 0-63> | counter [enable
| disable]} | mirror | deny} {time_range <range_name 32>} | delete access_id <value
1-128>]
