Clear security acl, Clears all security ACLs

clear security acl

Clears a specified security ACL, an access control entry (ACE), or all security ACLs, from the edit buffer. When used with the command commit security acl, clears the ACE from the running configuration.

Syntax: clear security acl {acl-name all} [editbuffer-index]

acl-name	Name of an existing security ACL to clear. ACL names start with a letter and
	are case-insensitive.
all	Clears all security ACLs.

editbuffer-indexNumber that indicates which access control entry (ACE) in the security ACL to clear. If you do not specify an ACE, all ACEs are cleared from the ACL.

Defaults: None.

Access: Enabled.

Usage: This command deletes security ACLs only in the edit buffer. You must use the commit security acl command with this command to delete the ACL or ACE from the running configuration and nonvolatile storage.

The clear security acl command deletes a security ACL, but does not stop its current filtering function if the ACL is mapped to any virtual LANs (VLANs), ports, or virtual ports, or if the ACL is applied in a Filter-Id attribute to an authenticated user or group of users with current sessions.

Examples: The following commands display the current security ACL configuration, clear acl_ 133 in the edit buffer, commit the deletion to the running configuration, and redisplay the ACL configuration to show that it no longer contains acl_133:

DWS-1008# show security acl info all ACL information for all

set security acl ip acl_133 (hits #1 0)

---------------------------------------------------------

1.deny IP source IP 192.168.1.6 0.0.0.0 destination IP any set security acl ip acl_134 (hits #3 0)

---------------------------------------------------------

1.permit IP source IP 192.168.0.1 0.0.0.0 destination IP any enable-hits set security acl ip acl_135 (hits #2 0)

---------------------------------------------------------

1.deny IP source IP 192.168.1.1 0.0.0.0 destination IP any enable-hits

DWS-1008#clear security acl acl_133

DWS-1008# commit security acl acl_133 configuration accepted

D-Link DWS-1008 CLI Manual

470

Page 473

Image 473

D-Link dws-1008 Clear security acl, Syntax clear security acl acl-name all editbuffer-index, Clears all security ACLs

Contents

Page Table of Contents Link DWS-1008 CLI Manual Link Mobility System Convention Use DWS-1008 DWS-1008# DWS-mmmm-nnnnnnDWS-mmmm-nnnnnn# Clear fdb dynamic I port port-list v1 an vlan-id Set port enable I disable port-listClear interface vlan-id ip Wildcard Masks Subnet Masks User Glob Users Designated MAC Address Globs DWS-1008#show port status 1-3,6 Port Lists Keyboard Shortcuts Function Command-Line Editing Using CLI Help Set ap port-list dap dap-numname name Set ap dap name command has the following complete syntaxSet ap dap name Enable DisableDefaults None Access Enabled Syntax enable Access All Syntax quit Defaults None Access All Set enablepassSyntax set enablepass Defaults None Access Enabled Quit Auto-Config ConfigurationDisplay System Identification Clear prompt Clear banner motdClear history Clear system Clears the system configuration of the specified information Help Quickstart History Set banner motd Syntax set banner motd text Defaults None Access Enabled Set length Set confirmSyntax set confirm on off DWS-1008#clear vlan red DWS-1008#set length Set licenseSyntax set license activation-key Activation-key Syntax set prompt string Set prompt Set system contact Stores a contact name for the DWS-1008 switchSet system country code Syntax set system contact string Link DWS-1008 CLI Manual Syntax set system idle-timeout seconds Set system idle-timeout Clear system Show system Set system ip-addressSyntax set system ip-address ip-addr Ip-addrIP address, in dotted decimal notation Set system name Set system locationSyntax set system location string Syntax set system name string Clear banner motd Link DWS-1008 CLI Manual Syntax show banner motd Defaults None Access EnabledShow banner motd Syntax show load Defaults None Access Enabled Syntax show licenses Defaults None Access AllShow licenses Show load Displays system information Syntax show system Defaults None Access EnabledShow system Field Description Configured with set system countrycodeName With set system location Show tech-support Show boot Show config Set licenses Link DWS-1008 CLI ManualNvram size /SDRAM size percent of total Syntax show tech-support file subdirname/ filename State Port TypeInterface Type Speed Clear dap Syntax clear port counters Defaults None Access EnabledClear port counters Syntax clear dap dap-num Clear port-group Syntax clear port mirror Defaults None Access EnabledClear port mirror Syntax clear port-group name name Clear port type Defaults NoneClear port name DWS-1008#clear port type STP Monitor port counters Key Effect on monitor display Syntax monitor port counters Displayed for All Statistics Option Field Description Transmit-errors Details command Reset portSet dap Serial id serial ID Disable Syntax set port enable disable port-list EnableSet port Port-list Mode on off Set reset portSet port-group Syntax set port-group name group-nameport-listmode on off Clear port-group Link DWS-1008 CLI Manual Name name Set port mirrorSet port name Enable disable Syntax set port negotiation port-listenable disableSet port negotiation Clear port name Following command enables autonegotiation on port DWS-1008#set port negotiation 1,2,4-6 disableDWS-1008#set port negotiation 5 enable Syntax set port poe port-listenable disable DWS-1008#set port poe 2,4 enable DWS-1008#set port poe 3,5 disableSet port speed Syntax set port speed port-list10 100 auto Set port trap EnableDisable Set port type ap Configures a DWS-1008 switch port for an AP access pointModel Poe enable disable radiotype 11a 11b 11g Port Parameter Setting DWS-1008#set port type ap 2 model DWL-8220AP poe enable Configures an DWS-1008 port for a wired authentication user Set port type wired-authWired Authentication Port Defaults Port Parameter Setting Port-list tag-list Num last-resort Clear port type Set port type Link DWS-1008 CLI Manual Show port counters Defaults None Access AllPort port-list Statistics for all ports Show port mirror Show port-group DWS-1008# show port poe Show port poeSyntax show port poe port-list Show port status Displays configuration and status information for portsSyntax show port status port-list DWS-1008# show port status Creation FDB Aging TimeoutPorts Restriction of Client Layer 2 Forwarding Port port-lis Vlan vlan-id Tag tag-value Clear fdbDeletes an entry from the forwarding database FDB Vlan-id Vlan name or number Clear security l2-restrictPermit-mac All Clear vlan Clear security l2-restrict countersSyntax clear security l2-restrict counters vlan vlan-id all All DWS-1008#clear vlan green port Set vlan port Show vlan config Link DWS-1008 CLI ManualDWS-1008#clear vlan red port 4 tag DWS-1008#clear vlan marigold Port port-list Set fdbMac-addr Set fdb agingtime Mode enable disableSet security l2-restrict Syntax set fdb agingtime vlan-idage seconds Set vlan name Defaults Layer 2 restriction is disabled by defaultCreates a Vlan and assigns a number and name to it Syntax set vlan vlan-numname name Syntax set vlan vlan-idport port-listtag tag-value Set vlan portSet vlan port Show fdb DWS-1008# show fdb Show fdb agingtimeSyntax show fdb agingtime vlan vlan-id DWS-1008#show fdb agingtime Show fdb count Vlan vlan-id Defaults None. Access AllShow security l2-restrict DWS-1008#show fdb count dynamic Syntax show vlan config vlan-id Show vlan configDWS-1008# show security l2-restrict Displays Vlan information Tunl Port Vlan Name Status State Affin Port Tag DWS-1008# show vlan config burgundyVlan From-qos Clear qosFrom 0 to From-dscp Syntax set qos cos-to-dscp-map level dscp dscp-valuelevel Set qos cos-to-dscp-mapDscp dscp-value DWS-1008#set qos cos-to-dscp-map 5 dscp Set qos dscp-to-cos-map Syntax show qos defaultShow qos Syntax set qos dscp-to-cos-map dscp-rangecos level Syntax show qos dscp-table Defaults None Access Enabled DWS-1008#show qos defaultShow qos dscp-table DWS-1008#show qos dscp-table Syntax clear interface vlan-idip Clear interfaceRemoves an IP interface Clear ip alias Syntax clear ip dns domain Defaults None Access EnabledClear ip dns domain Syntax clear ip alias name Clear ip dns server DefaultClear ip route Syntax clear ip dns server ip-addr Clear ip telnet Defaults The default Telnet port number isSet ip route Show ip route Syntax clear ip telnet Syntax clear ntp update-interval Clear ntp update-intervalClear ntp server Syntax clear ntp server ip-addr all Clear snmp notify profile Clear snmp communitySyntax clear snmp community name comm-string Syntax clear snmp notify profile profile-name Clear snmp usm Clear snmp notify targetSyntax clear snmp notify target target-num Target-num ID of the target Syntax clear system ip-address Defaults None Access Enabled Syntax clear summertime Defaults None Access EnabledClear summertime Clear system ip-address Ping Clear timezoneDnf Flood Size size DefaultsIs 8 bytes larger than the size you specify DWS-1008#ping Set arp agingtime Set arpIp-addr Mac-addr Syntax set arp agingtime seconds Set arp Show arp Configures an IP interface on a VlanSet interface Syntax set interface vlan-idip dhcp-client enable disable DWS-1008#set interface default ip 10.10.10.10/24Set interface dhcp-client DWS-1008#set interface mauve ip 10.10.20.10 Enables the Dhcp server Configures the MSS Dhcp serverDisables the Dhcp server Set interface dhcp-server Set interface status Administratively disables or reenables an IP interfaceSet ip dns domain Set ip dns server Show dhcp-server Syntax set interface vlan-idstatus up down Set ip dns Set ip alias Set ip dns server Set ip dns domainSyntax set ip dns domain name DWS-1008#set ip dns domain example.com Set ip https server Syntax set ip https server enable disable Adds a static route to the IP route table Set ip routeIs not available for the destination Ip-addr mask Syntax set ip snmp server enable disable Enables or disables the Snmp service on the DWS-1008 switchSet ip snmp server Clear ip route Show interface Show ip route Set ip ssh server Link DWS-1008 CLI Manual Set ip sshSyntax set ip ssh port port-num Set ip ssh server Syntax set ip ssh server enable disableSet ip telnet Syntax set ip telnet port-num Set ip telnet server Enables the Telnet server on a DWS-1008 switchSyntax set ip telnet server enable disable Set ntp Syntax set ntp enable disableSet ntp server Syntax set ntp server ip-addr DWS-1008#set ntp server See Also Set ntp update-intervalSyntax set ntp update-interval seconds Set snmp community Set snmp notify profile Default profile-nameDrop send Notifications you specify with notification-type or allPage Page RFDetectRogueDisappearTraps success change accepted DWS-1008#set snmp notify profile snmpprofrfdetect sendRFDetectInterferingRogueAPTraps success change accepted Username Set snmp notify targetSNMPv3 with Informs Snmp-engine-id Authenticated encryptedIp hex hex-string Security unsecured SNMPv2c with Informs Timeout numRetries num SNMPv2c with Traps Success change accepted Link DWS-1008 CLI Manual 110 SNMPv1 with Traps Set snmp protocol Syntax set snmp protocol v1 v2c usm all enable disableV2c Usm Set snmp security AuthenticatedEncrypted Auth-req-unsecnotify Creates a USM user for SNMPv3 Set snmp usm Auth-pass-phrase string Auth-type none md5 shaAuth-key hex-string Encrypt-type none des Start Set summertimeStart of the time change period End DWS-1008#set interface taupe ip 10.10.20.20/24 Defaults None Access Enabled Set timezone Set timedateSyntax set timedate date mmm dd yyyy time hhmmss DWS-1008#set timedate date feb 29 2004 time DWS-1008#set timezone PST Show arpSyntax show arp ip-addr Ip-addr IP address Show dhcp-client Syntax show dhcp-client Defaults None Access AllDWS-1008#show dhcp-client Ifup Syntax show dhcp-server interface vlan-id verbose Show dhcp-serverVerbose DWS-1008# show dhcp-server Link DWS-1008 CLI Manual 121 DWS-1008#show dhcp-server verboseBound Syntax show interface vlan-id Displays the IP interfaces configured on the switchShow interface Set interface dhcp-client Set interface dhcp-server Set interface status Set ip alias Set ip dns domain Set ip https server Metric Default-routerIp-addr/mask-length Enables or disables the Snmp service on the switch Disables or reenables the SSH server on a DWS-1008 switch Set ip telnet Set ntp Set ntp server Set snmp community Spaces To modify the default notification profile, specify defaultNotification-type Name of the notification typePage RFDetectAdhocUserTraps success change accepted Sends or drops all notifications RFDetectUnAuthorizedSsidTraps success change accepted RFDetectSpoofedMacAPTraps success change accepted Snmp-engine-id Authenticated encryptedIp hex hex-string Security unsecured SNMPv3 with Traps Resend a notification that has not been acknowledged Specifies the number of times the MSS Snmp engine willBy the target. You can specify from 0 to 3 retries Specifies the number of seconds MSS waits for SNMPv1 with Traps 144 Set snmp usm Page String auth-keyhex-string Auth-type none md5 sha auth-pass-phrase Link DWS-1008 CLI Manual 148 End Set system ip-address Link DWS-1008 CLI Manual 151 Sets the time of day and date on the switch 152 Dynamic ResolvedLocal Resolved Show dhcp-client Link DWS-1008 CLI Manual 154 Link DWS-1008 CLI Manual 155 Table below shows the output for show dhcp-server verbose YES DWS-1008# show interfaceIpv4 Link DWS-1008 CLI Manual 156 Syntax show ip alias name Show ip aliasName Alias string DWS-1008#show ip alias Show ip dns Displays the DNS servers the switch is configured to useSyntax show ip dns Defaults None Access All Show ip https Syntax show ip https Defaults None Access AllDisplays information about the Https management port DWS-1008 show ip https Syntax show ip route destination Show ip routeDWS-1008# show ip route Multicast Displays information about the Telnet management port Syntax show ip telnet Defaults None Access AllShow ip telnet Show ntp Syntax show ntp Defaults None Access AllDisplays NTP client information Link DWS-1008 CLI Manual 162 Show snmp community Syntax show snmp counters Defaults None Access EnabledShow snmp counters Show snmp notify profile Show snmp usm Defaults None Access Enabled See AlsoShow snmp status Show summertime Syntax show timedate Defaults None Access AllShow timedate Syntax show summertime Show timezone Syntax show timezone Defaults None Access AllTelnet DWS-1008#show timezone Clear sessions Show sessions Link DWS-1008 CLI Manual 167 DWS-1008#telnet Traceroute Ping Link DWS-1008 CLI Manual 169 Local Authorization for AuthenticationPassword Users Web authorization User-glob Clear accounting Clear authentication console Clear authentication adminSyntax clear authentication admin user-glob Syntax clear authentication console user-glob DWS-1008#clear authentication console Regina Clear authentication dot1xRemoves an 802.1X authentication rule Wired Clear authentication proxy Clear authentication macRemoves a MAC authentication rule Syntax clear authentication proxy ssid ssid-nameuser-glob Removes a rule from the location policy on a switch Clear authentication webClear location policy Removes a WebAAA rule Clear mac-user attr Clear mac-userSyntax clear mac-user mac-addr Syntax clear mac-user mac-addrattr attribute-name Syntax clear mac-user mac-addrgroup Clear mac-user groupSet mac-user attr Show aaa Clear mac-usergroup attr Clear mac-usergroupSyntax clear mac-usergroup group-name Group-name Name of an existing MAC user group Clear user Username Username of a user with a passwordClear mac-usergroup Set mac-usergroup attr Show aaa Syntax clear user username Clear user attr Username Username of a user with a passwordClear user group Syntax clear user username attr attribute-name Clear usergroup Set user group Show aaa Clear usergroupSyntax clear usergroup group-name Group-name Name of an existing user group Syntax clear usergroup group-nameattr attribute-name Set accounting admin consoleClear usergroup attr Clear accounting Show accounting statistics Set accounting dot1x mac web last-resortMethod1 method2 method3 method4 Link DWS-1008 CLI Manual 183 Mac WiredWeb Start-stop Syntax set accounting system method1 method2 method3 method4 Set accounting system Link DWS-1008 CLI Manual 186 Set authentication admin Link DWS-1008 CLI Manual 187 Set authentication console Link DWS-1008 CLI Manual 188 For details, see User Globs on Link DWS-1008 CLI Manual 189 Set authentication dot1xAuthentication port Protocol Been authenticatedBonded Access Enabled Link DWS-1008 CLI Manual 192 Set authentication macAuthentication port Access Enabled User-glob Single user or a set of users Set authentication proxy Set authentication web See Also Set location policy Modify rule-number User operator user-globBefore rule-number DWS-1008#set location policy deny if user eq *.theirfirm.com Set mac-user attr Set mac-userSyntax set mac-user mac-addrgroup group-name Syntax set mac-user mac-addrattr attribute-name value Attribute Description Valid Values Link DWS-1008 CLI Manual 201 YY/MM/DD-HHMM Link DWS-1008 CLI Manual 202 Time-of-day tu1000-1600,th1000-1600 Link DWS-1008 CLI Manual 203 Clear mac-user attr Show aaa Link DWS-1008 CLI Manual 204 Syntax set mac-usergroup group-nameattr attribute-name value Set mac-usergroup attr DWS-1008#set user Nin password 29Jan04 See Also Syntax set user username password encrypted stringSet user Clear user Show aaa Link DWS-1008 CLI Manual 206 Clear user attr Show aaa Link DWS-1008 CLI Manual 207 Set user attr Set usergroup Set user groupSyntax set user username group group-name Clear user group Show aaa Defaults Enabled Access Enabled Syntax set web-portal enable disableDWS-1008#set web-portal disable Set web-portal Show aaa Displays all current AAA settingsSyntax show aaa Defaults None Access Enabled Acctport AAAACCTSVCATTR=2 Show accounting statisticsDWS-1008#show accounting statistics Syntax show location policy Defaults None Access Enabled Clear accounting Set accounting admin console Show aaaShow location policy DWS-1008show location policy PKCS#7 Certificates Encryption KeysPKCS#12 Certificate Self-Signed Certificate Admin Syntax crypto ca-certificate admin eap webCrypto ca-certificate PEM-formatted-certificate Begin Certificate Crypto certificate Ssh Crypto generate key String Syntax crypto generate request admin eap web admin Eap WebCrypto generate request Alphanumeric characters with no spaces DWS-1008#crypto generate request adminAre supported on your network. This field is required With no spaces Crypto generate self-signed Syntax crypto generate self-signed admin eap web AdminBegin Certificate Request END Certificate Request Name. It simply needs to be formatted like one DWS-1008#crypto generate self-signed admin One-time-password Syntax crypto otp admin eap web one-time-password AdminCrypto otp DWS-1008#crypto generate otp eap hap9iN#ss Crypto pkcs12 Syntax crypto pkcs12 admin eap web file-location-urlFile-location-url DWS-1008#crypto otp eap hap9iN#ss DWS-1008#show crypto ca-certificate Show crypto ca-certificateTable below describes the fields in the display Fields Description DWS-1008#show crypto certificate eap Show crypto certificate Show crypto key domain Syntax show crypto key domain Defaults None Access EnabledShow crypto key ssh Crypto generate key Link DWS-1008 CLI Manual 226 Radius Servers Radius ClientServer Groups Radius Proxy Clear radius Clear radius client system-ip Clear radius proxy client Removes Radius proxy ports configured for third-party APsClear radius proxy port Removes Radius proxy client entries for third-party APs Clear server group Clear radius serverSyntax clear radius server server-name Syntax clear server group group-nameload-balance Set radius Timeout secondsDeadtime minutes Encrypted-key string Encrypted-key-No key Set radius proxy client Set radius client system-ipSyntax set radius client system-ip Clear radius client system-ip Set system ip-address Set radius proxy port Set radius server Author-passwordAddress Auth-port Encrypted-key-No key Author-password-trapeze Access Enabled Names of one or more configured Radius servers Configures a group of one to four Radius serversSet server group Members Defaults Load balancing is disabled by default Enable disableSet server group load-balance Group-name Server group name of up to 32 characters Bonded Authentication Wired AuthenticationReauthentication Port Control Syntax clear dot1x max-req Clear dot1x bonded-periodClear dot1x max-req Clear dot1x quiet-period Clear dot1x port-controlSyntax clear dot1x port-control Syntax clear dot1x quiet-period Clear dot1x reauth-period Clear dot1x reauth-maxSyntax clear dot1x reauth-max Syntax clear dot1x reauth-period Clear dot1x timeout supplicant Clear dot1x timeout auth-serverDefaults The default is 30 seconds Set dot1x timeout auth-server Show dot1x Clear dot1x tx-period Syntax set dot1x authcontrol enable disable enable DisableSet dot1x authcontrol Syntax clear dot1x tx-period Syntax set dot1x bonded-period seconds Set dot1x bonded-period Defaults Key transmission is enabled by default Syntax set dot1x key-tx enable disable EnableSet dot1x key-tx Set dot1x max-req Show port status Show dot1x Link DWS-1008 CLI Manual 248 Set dot1x port-controlClear dot1x max-req Show dot1x Set dot1x reauth-max Set dot1x quiet-periodSyntax set dot1x quiet-period seconds Seconds Specify a value between 0 and 65,535 Syntax set dot1x timeout auth-server seconds Set dot1x timeout auth-serverSet dot1x reauth-period Syntax set dot1x reauth-period seconds Syntax set dot1x timeout supplicant seconds Set dot1x timeout supplicantClear dot1x timeout auth-server Show dot1x Set dot1x tx-period Set dot1x wep-rekey Syntax set dot1X wep-rekey enable disable enable DisableSet dot1x wep-rekey-period Syntax set dot1x wep-rekey-period seconds Config Syntax show dot1x clients stats config clients StatsDisplays a summary of the current configuration Show dot1x DWS-1008#show dot1x config Type the following command to display the 802.1X clients Link DWS-1008 CLI Manual 255 Type the following command to display 802.1X statisticsDWS-1008# show dot1x stats DWS-1008#clear sessions admin Administrative SessionsClear sessions Network Sessions Clear sessions network Show sessions SSH DWS-1008# clear sessions adminDWS-1008# show sessions console DWS-1008# show sessions telnet Clear sessions Show sessions networkMac-addr Link DWS-1008 CLI Manual 260 Session-id Show sessions network commandVerbose Show sessions network session-id display DWS-1008# show sessions network verbose DWS-1008# show sessions network mac-addr 00055d7e981aDWS-1008# show sessions network user E Active DWS-1008#show sessions network session-idSsid LAST-RESORT Link DWS-1008 CLI Manual 264 Additional show sessions network verbose Output Link DWS-1008 CLI Manual 265 Show sessions network session-id Output Link DWS-1008 CLI Manual 266 Countermeasures Rogue InformationPermitted Vendor List Permitted Ssid List Clear rfdetect ignore Clear rfdetect attack-listSyntax clear rfdetect attack-list mac-addr Syntax clear rfdetect ignore mac-addr Syntax clear rfdetect ssid-list ssid-name Clear rfdetect ssid-listClear rfdetect vendor-list Set rfdetect black-list Set rfdetect attack-listSyntax set rfdetect attack-list mac-addr Syntax set rfdetect black-list mac-addr Set rfdetect black-list Show rfdetect black-list Set rfdetect ignoreSyntax set rfdetect ignore mac-addr Mac-addr Bssid MAC address of the device to ignore Syntax set rfdetect signature enable disable Enable Syntax set rfdetect log enable disable EnableSet rfdetect log Set rfdetect signature Syntax set rfdetect ssid-list ssid-name Set rfdetect ssid-list Link DWS-1008 CLI Manual 274 Set rfdetect vendor-listShow rfdetect attack-list Show rfdetect clients Show rfdetect black-listDWS-1008# show rfdetect attack-list DWS-1008# show rfdetect black-list Total number of entries Client MAC DWS-1008# show rfdetect clientsAP MAC DWS-1008#show rfdetect clients mac 000c4163fd6d Rssi Show rfdetect countermeasuresBssid Link DWS-1008 CLI Manual 277 Show rfdetect counters Syntax show rfdetect counters Defaults None Access EnabledDWS-1008# show rfdetect countermeasures Link DWS-1008 CLI Manual 278 Type Current DWS-1008#show rfdetect countermeasures Syntax show rfdetect data Defaults None Access Enabled Displays information about the APs detected by a switchShow rfdetect data Vendor Type Port/Radio Flags Show rfdetect visible Syntax show rfdetect ignore Defaults None Access EnabledShow rfdetect ignore Show rfdetect vendor-list Syntax show rfdetect ssid-list Defaults None Access EnabledShow rfdetect ssid-list Radio Showapdapstatus commandShow rfdetect visible Syntax test rflink mac mac-addr session-id session-id Test rflinkShow rfdetect data Rssi SNR DWS-1008# test rflink mac 000e9bbfad13RTT micro-secs 976 Configuration File Boot SettingsSoftware Version File Management Syntax backup system tftp/ip-addr/filenameall critical BackupDir command output Critical Syntax clear boot config Defaults None Access Enabled Clear boot backup-configurationClear boot config Copy DWS-1008#clear boot configDWS-1008#reset system force Delete Dir Link DWS-1008 CLI Manual 290 DWS-1008#copy tftp//10.1.1.1/closetmx closetmx Syntax delete url DeleteFor example subdira/filea Copy Dir Link DWS-1008 CLI Manual 291 Boot1 Boot0Dir FilePage DWS-1008#install soda agent soda.ZIP agent-directory sp1 Install soda agentThis command may take up to 20 seconds Table below describes the fields in the dir output Syntax load config url Load configBackupconfigs/configc DWS-1008#load config DWS-1008#md5 boot0MX040003.020 Syntax md5 boot0 boot1filenameMd5 Mkdir Restarts a switch and reboots the software Reset systemSyntax reset system force Dir Rmdir Save config Show boot Show version RestoreDWS-1008#reset system Backup DWS-1008#restore system tftp/10.10.20.9/sysabakRmdir Removes a subdirectory from nonvolatile storage Syntax save config filename Save configDWS-1008#save config DWS-1008#save config testconfig1 Set boot configuration-file Set boot backup-configurationSyntax set boot backup-configuration filename Syntax set boot configuration-file filename Show boot Set boot partitionSyntax set boot partition boot0 boot1 Boot0 Boot1 Table below describes the fields in the show boot output Show configClear boot config Reset system Set boot configuration-file Displays the configuration running on the switch Show version DWS-1008#show config area vlanSpantree System Trace Vlan Vlan-fdb Syntax show version details Details DWS-1008#show version details DWS-1008#show version Syntax uninstall soda agent agent-directory directory Uninstall soda agentDWS-1008#uninstall soda agent agent-directory sp1 Table below describes the fields in the show version output Clear ap dap radio Access Point Commands DWS-1008#clear ap 3 radio Clear dap boot-configurationDWS-1008#clear dap 1 boot-configuration DWS-1008#set radio-profile rptest mode disable DWS-1008#set radio-profile rp1 mode disableClear radio-profile Syntax clear radio-profile name parameter Clear service-profile DWS-1008#set radio-profile rp6 mode disable Reset ap dapRestarts an access point Syntax reset ap port-list dap dap-num Link DWS-1008 CLI Manual 312 Syntax set dap auto Defaults None Access EnabledSet dap auto Syntax set dap auto mode enable disable Enable Set dap auto modeEnables the AP configuration profile Disables the AP configuration profile Set dap auto radiotype Set dap auto persistentSyntax set dap auto persistent dap-num all Dap-num Low Defaults Access Set dap auto Set dap auto mode Set dap auto persistentSet ap dap bias Dap dap-num dap auto high Set ap dap blink Dap dap-num dap auto enable disable Defaults Access Enabled Enables or disables the static IP address for the AP Set dap boot-ip Switch ip ip-addr Set dap boot-switch Link DWS-1008 CLI Manual 319 Specifies contact information for an AP Set ap dap contactSyntax set ap port-list dap dap-num contact string Contact string Syntax set dap dap-numfingerprint hex Set dap fingerprint Force-image-download disable Force-image-download enableSet ap dap force-image-download Dap auto Set ap dap group Defaults AP access points are not grouped by defaultSyntax set ap port-list dap dap-num auto group name Ap port-list dap dap-num dap auto Specifies location information for an AP Set ap dap locationSyntax set ap port-list dap dap-num location string Ap port-list Dap dap-num location string Set ap dap radio antenna-location Set ap dap nameSyntax set ap port-list dap dap-num name name Ap port-list Indoors Set ap dap radio antennatypeOutdoors Ap port-list Dap dap-num Configuration template Set ap dap radio auto-tune max-powerPower-level Radio 1 of the DWL-8220AP Dap dap-num radio 1 radio Channel-number Set ap dap radio channelSets an DWS-8220AP radio’s channel Dap dap-num dap auto Set ap dap radio modeRadio 1 radio 2 enable disable Mode disable Mode enableSet ap dap radio radio-profile Radio-profile name Access Enabled Set dap security Defaults By default, encryption keys are optional Set dap fingerprint Show ap dap config Show ap dap status Set ap dap upgrade-firmwareDap auto enable disable Defaults Access Enabled DWS-1008#set ap 2 upgrade-firmware disable Syntax set radio-profile name active-scan enable disable Set radio-profile auto-tune channel-configSet radio-profile active-scan Link DWS-1008 CLI Manual 334 Set radio-profile auto-tune channel-holddown Enable Disable No-clientName Link DWS-1008 CLI Manual 335 Name Radio profile name Set radio-profile auto-tune channel-intervalName Rate Syntax set radio-profile name auto-tune channel-lockdown Set radio-profile auto-tune channel-lockdown Set radio-profile auto-tune power-config Set radio-profile auto-tune power-interval Syntax set radio-profile name auto-tune power-lockdown Set radio-profile auto-tune power-lockdownSet radio-profile auto-tune power-ramp-interval Syntax set radio-profile name beacon-interval interval Defaults The default interval is 60 secondsSet radio-profile beacon-interval Set radio-profile countermeasures ConfiguredRogue None Set radio-profile dtim-interval Syntax set radio-profile name frag-threshold threshold Set radio-profile frag-threshold Set radio-profile max-tx-lifetime Set radio-profile max-rx-lifetimeSyntax set radio-profile name max-rx-lifetime time Syntax set radio-profile name max-tx-lifetime time Syntax set radio-profile name mode enable disable Set radio-profile mode MMS Link DWS-1008 CLI Manual 347 Access Enabled Syntax set radio-profile name preamble-length long short Set radio-profile preamble-lengthLong Short Set radio-profile rfid-mode Set radio-profile qos-modeSyntax set radio-profile name qos-mode svp wmm Svp Enables radios to function as asset location receivers Syntax set radio-profile name rfid-mode enable disableDefaults The default is disable Access Enabled Set radio-profile rts-threshold DWS-1008#set radio-profile rp1 rts-threshold Link DWS-1008 CLI Manual 353 Table Defaults for Radio Profile Parameters Link DWS-1008 CLI Manual 354 Link DWS-1008 CLI Manual 355 Portal-acl setting Set radio-profile wmm-powersave Syntax set radio-profile name wmm-powersave enable disable Set service-profile attrSyntax set service-profile name attr attribute-name value Link DWS-1008 CLI Manual 357 Access Enabled Syntax set service-profile name auth-dot1x enable disable Set service-profile auth-dot1xName Service profile name Enables 802.1X authentication of WPA clients Set service-profile auth-fallthru Syntax set service-profile name auth-psk enable disable Set service-profile auth-pskEnables PSK authentication of WPA clients Disables PSK authentication of WPA clients Set service-profile cac-mode Set service-profile beaconSyntax set service-profile name beacon enable disable Syntax set service-profile name cac-mode none session Syntax set service-profile name cac-session max-sessions Set service-profile cac-sessionCAC is not used Session Syntax set service-profile name cipher-ccmp enable disable Set service-profile cipher-ccmpEnables Ccmp encryption for WPA clients Disables Ccmp encryption for WPA clients Set service-profile cipher-wep104 Set service-profile cipher-tkipEnables 104-bit WEP encryption for WPA clients Disables 104-bit WEP encryption for WPA clients Defaults 104-bit WEP encryption is disabled by default Set service-profile cipher-wep40 Defaults 40-bit WEP encryption is disabled by default Set service-profile cosSets the Class-of-Service CoS level for static CoS Syntax set service-profile name cos level Set service-profile static-cos Show service-profile Set service-profile dhcp-restrictEnables Dhcp Restrict Disables Dhcp Restrict Set service-profile keep-initial-vlan Set service-profile idle-client-probingEnables keepalives Disables keepalives Configures radios to reassign a roamed user’s Vlan Set service-profile long-retry-countDefaults This option is disabled by default Syntax set service-profile name long-retry-count threshold Link DWS-1008 CLI Manual 371 Set service-profile no-broadcastSyntax set service-profile name no-broadcast enable disable Syntax set service-profile name proxy-arp enable disable Set service-profile proxy-arpEnable Disable Defaults Access Enabled Syntax set service-profile name psk-phrase passphrase Set service-profile psk-phraseDefaults Proxy ARP is disabled by default Syntax set service-profile name psk-raw hex Set service-profile psk-raw Syntax set service-profile name rsn-ie enable disable Set service-profile rsn-ieEnables the RSN IE Disables the RSN IE Set service-profile short-retry-count Set service-profile shared-key-authEnables shared-key authentication, in a service profile Syntax set service-profile name short-retry-count threshold Set service-profile soda agent-directory Set service-profile soda mode Link DWS-1008 CLI Manual 378 Set service-profile soda enforce-checks Syntax set service-profile name soda failure-page Set service-profile soda failure-page Syntax set service-profile name soda logout-page Set service-profile soda logout-page Set service-profile soda remediation-acl Set service-profile soda modeSyntax set service-profile name soda mode enable disable Defaults Disabled Access Enabled Syntax set service-profile name soda success-page Set service-profile soda success-page Configures the Ssid name in a service profile Set service-profile ssid-nameSyntax set service-profile name ssid-name ssid-name Name Ssid-name Syntax set service-profile name ssid-type clear crypto Set service-profile ssid-typeClear Crypto Syntax set service-profile name static-cos enable disable Set service-profile static-cosEnables static CoS on the service profile Disables static CoS on the service profile Set service-profile transmit-rates Set service-profile tkip-mc-timeSyntax set service-profile name tkip-mc-time wait-time Link DWS-1008 CLI Manual 386 11a 11b 11g Disabled rate-listMandantory rate-list Beacon-rate rate Defaults This command has the following defaults Set service-profile user-idle-timeout Syntax set service-profile name user-idle-timeout seconds Set service-profile web-portal-aclSyntax set service-profile name web-portal-acl aclname Name Seconds Set service-profile auth-fallthru Show service-profile Set service-profile web-portal-formSyntax set service-profile name web-portal-form url Defaults The D-Link Web login page is served by default Success change accepted Set service-profile web-portal-session-timeout Set service-profile wep active-unicast-index Set service-profile wep active-multicast-index Key-index num key value Set service-profile wep key-index Syntax set service-profile name wpa-ie enable disable Set service-profile wpa-ie Shows configuration information for radio Show ap dap configDWS-1008#show ap config DWS-1008#show dap config Link DWS-1008 CLI Manual 397 Following Table describes the fields in this display DWS-1008# show dap counters Show ap dap countersShows statistics counters for radio Link DWS-1008 CLI Manual 399 Totl Ccmp Link DWS-1008 CLI Manual 400 MIC Link DWS-1008 CLI Manual 402 Show ap dap qos-stats DWS-1008#set service-profile sp2 wpa-ie enableDisplays statistics for DWL-8220AP forwarding queues Clear Link DWS-1008 CLI Manual 404 Show ap dap etherstatsSyntax show ap dap etherstats port-list dap-num Link DWS-1008 CLI Manual 405 DWS-1008# show dap etherstats Syntax show ap dap group name Show ap dap groupName Name of an AP group or Distributed AP group Link DWS-1008 CLI Manual 406 Link DWS-1008 CLI Manual 407 DWS-1008# set service-profile sp2 wpa-ie enable Radio1 Show ap dap statusRadio2 DWS-1008#show dap status DWS-1008#show ap status Link DWS-1008 CLI Manual 410 Link DWS-1008 CLI Manual 411 Mp-num Dap-num Radio1 Radio2 radio all Defaults AccessShow auto-tune attributes DWS-1008# show auto-tune attributes ap 2 radio DWS-1008#show auto-tune neighbors ap 2 radio Show auto-tune neighbors Link DWS-1008 CLI Manual 415 Show dap boot-configurationSyntax show dap boot-configuration dap-num Link DWS-1008 CLI Manual 416 DWS-1008#show dap boot-configurationDNS IP Syntax show dap connection dap-num serial-id serial-ID Show dap connectionDWS-1008#show dap connection DAP Syntax show dap global dap-num serial-id serial-ID Show dap global LOW DWS-1008#show dap globalHigh Syntax show dap unconfigured Defaults None Access Enabled Show dap unconfiguredDWS-1008#show dap unconfigured Link DWS-1008 CLI Manual 420 Show radio-profile DWS-1008# show radio-profile defaultSyntax show radio-profile name ? Name Displays information about the named radio profile Link DWS-1008 CLI Manual 422 See Also Name Show service-profile Soda Link DWS-1008 CLI Manual 425 Link DWS-1008 CLI Manual 426 Link DWS-1008 CLI Manual 427 STP State TimersBridge Priority Port Cost Clear spantree portpri Clear spantree portcostSyntax clear spantree portcost port-list Syntax clear spantree portpri port-list Resets the priority for all VLANs Resets the cost for all VLANsClear spantree portvlancost Clear spantree portvlanpri Show spantree statistics Link DWS-1008 CLI Manual 431 Clear spantree statisticsSyntax clear spantree statistics port-listvlan vlan-id Set spantree Syntax set spantree backbonefast enable disable EnableSet spantree backbonefast Vlan vlan-id Port port-list vlan-id Syntax set spantree fwddelay delay all vlan vlan-id Delay Set spantree fwddelay Syntax set spantree maxage aging-timeall vlan vlan-id Set spantree helloSet spantree maxage Syntax set spantree portcost port-listcost cost Set spantree portcost Set spantree portfast Syntax set spantree portfast port port-listenable disableSet spantree portpri Syntax set spantree portpri port-listpriority value Changes the priority on all VLANs Set spantree portvlancostSet spantree portvlanpri Show spantree Link DWS-1008 CLI Manual 438 Set spantree priority Set spantree uplinkfast Syntax set spantree uplinkfast enable disableShow spantree Active Ieee DWS-1008# show spantree vlan defaultPVST+ Vlan ID Show spantree blockedports Link DWS-1008 CLI Manual 441 DWS-1008#show spantree blockedports vlan default Syntax show spantree backbonefast Defaults None Access AllShow spantree backbonefast Show spantree blockedports Syntax show spantree portfast port-list Show spantree portfastDWS-1008#show spantree portfast Set spantree portfast Link DWS-1008 CLI Manual 443 Show spantree statistics Show spantree portvlancostSyntax show spantree portvlancost port-list Port-list List of ports Inactive DWS-1008#show spantree statisticsFalse Link DWS-1008 CLI Manual 446 Topology change time Topology change detectedNum of similar BPDU’s to process Receivedinferiorbpdu Link DWS-1008 CLI Manual 447 Show spantree uplinkfast Defaults None Access AllClear spantree statistics Syntax show spantree uplinkfast vlan vlan-id Set spantree uplinkfast Link DWS-1008 CLI Manual 449 DWS-1008#show spantree uplinkfast Proxy Reporting Igmp Snooping StatePseudo-querier Router Solicitation Clear igmp statistics Syntax set igmp enable disable vlan vlan-idSet igmp DWS-1008#clear igmp statistics Set igmp mrouter Set igmp lmqiSet igmp oqi Set igmp qi Set igmp mrouter Link DWS-1008 CLI Manual 452 Set igmp mrsol mrsi Link DWS-1008 CLI Manual 453 Set igmp mrsolShow igmp mrouter Set igmp oqi Set igmp mrsol mrsiSyntax set igmp mrsol mrsi seconds vlan vlan-id Set igmp mrsol Show igmp Link DWS-1008 CLI Manual 455 Defaults Proxy reporting is enabled on all VLANs by defaultSet igmp proxy-report Syntax set igmp qi seconds vlan vlan-id qi seconds Defaults The default query interval is 125 secondsSet igmp qi Syntax set igmp qri tenth-secondsvlan vlan-id Set igmp qri Set igmp receiver Set igmp querierShow igmp querier Link DWS-1008 CLI Manual 458 Set igmp rv Defaults The default robustness value for all VLANs isShow igmp receiver-table Syntax set igmp rv num vlan vlan-id DWS-1008# show igmp vlan orange Show igmp Link DWS-1008 CLI Manual 461 Dvmrp PIM Link DWS-1008 CLI Manual 462 Show igmp mrouterSyntax show igmp mrouter vlan vlan-id DWS-1008# show igmp mrouter vlan orange Show igmp querier DWS-1008#show igmp querier vlan defaultDWS-1008# show igmp querier vlan orange DWS-1008#show igmp querier vlan red Group group-ip-addr/mask-length Show igmp receiver-tableDWS-1008# show igmp receiver-table vlan orange Vlan orange Session Port Receiver-IP Receiver-MAC DWS-1008#show igmp receiver-table group 237.255.255.0/24 Show igmp statisticsSet igmp receiver Displays Igmp statistics Link DWS-1008 CLI Manual 467 DWS-1008# show igmp statistics vlan orange Clear igmp statistics Link DWS-1008 CLI Manual 468 Commit Security ACLs Create Security ACLsMap Security ACLs Monitor Security ACLs Syntax clear security acl acl-name all editbuffer-index Clear security aclClears all security ACLs DWS-1008#clear security acl acl133 Clear security acl map Syntax commit security acl acl-name all Commit security aclCommits all security ACLs in the edit buffer Link DWS-1008 CLI Manual 472 ACL table DWS-1008#show security aclACL Type Class Mapping Syntax rollback security acl acl-name all Rollback security aclDWS-1008#show security acl info all editbuffer ACL edit-buffer information for all Link DWS-1008 CLI Manual 475 Set security aclBefore editbuffer-index modify editbuffer-index hits Deny PermitCos cos Tos tos PrecedencePrecedence DWS-1008#set security acl ip acl123 deny 192.168.2.11 EstablishedHits Link DWS-1008 CLI Manual 479 Set security acl mapClear security acl Commit security acl Show security acl Out Assigns the security ACL to traffic coming from the switch DWS-1008#set security acl hit-sample-rate Set security acl hit-sample-rateSyntax set security acl hit-sample-rate seconds Show security acl Syntax show security acl Defaults None Access EnabledDisplays a summary of the security ACLs that are mapped DWS-1008# show security acl Show security acl editbuffer Show security acl hits Syntax show security acl hits Defaults None Access EnabledShow security acl info Syntax show security acl info acl-name all editbuffer Defaults None Access Enabled Show security acl resource-usage Show security acl mapSyntax show security acl map acl-name DWS-1008#show security acl map acl111 DWS-1008#show security acl resource-usage Link DWS-1008 CLI Manual 488 Link DWS-1008 CLI Manual 489 DWS-1008#clear log trace See Also Syntax clear log trace Defaults None Access EnabledClear log trace Syntax clear trace trace-area all Deletes running trace commands and ends trace processesClear trace Save trace Set trace authenticationSyntax save trace filename DWS-1008#save trace traces/trace1 Traces authorization information Set trace authorizationSet trace dot1x Clear trace Show trace Link DWS-1008 CLI Manual 494 Set trace smTraces session manager activity Syntax show trace all Show trace Remote monitoring snooping Clear snoopSyntax clear snoop filter-name DWS-1008#clear snoop snoop1 See Also Set snoop Clear snoop mapExamples clear snoop map filter-namedap dap-numradio 1 Radio 1 of the AP Probe Frame-type eq neq beacon control data managementChannel eq neq channel Bssid eq neq bssid DWS-1008#set snoop snoop1 observer 10.10.30.2 snap-length Examples set snoop map filter-namedap dap-numradio 1 Defaults Snoop filters are unmapped by defaultSet snoop map Enable stop-after num-pkts Set snoop modeDisables the snoop filter Defaults Snoop filters are disabled by default Show snoop Syntax show snoop Defaults None Access EnabledShow snoop info Syntax show snoop filter-name Show snoop stats Show snoop mapSyntax show snoop map filter-name DWS-1008#show snoop map snoop1 filter ‘snoop1’ mapping Link DWS-1008 CLI Manual 504 System Logs Clear log Buffer Set logCurrent Sessions Show log config Clear log Link DWS-1008 CLI Manual 507 Enables messages to the specified targetDisables messages to the specified target Interval interval Set log markSeverity level Matching string Show log bufferFacility facility-name Syntax show log config Defaults None Access Enabled Show log configDWS-1008#show log config DWS-1008#show log buffer facility ? Number-of-messages Show log trace DWS-1008#show log trace +5 facility Rogue Clear log Show log config Link DWS-1008 CLI Manual 512DWS-1008#show log trace facility ? Booting Command InformationBoot Profile Management Diagnostics Boot AutobootSyntax autoboot on on OFF off Boot autoboot Boot boot FN=MX010101.020 DEV=boot1 Syntax change Change Create Creates a new boot profileSyntax create Change Delete Next Show Link DWS-1008 CLI Manual 517 Syntax delete Defaults None Removes the currently active boot profileDhcp Change Create Next Show Syntax dir c d e f boot0 boot1 Accesses the diagnostic modeDiag Syntax diag Fver Syntax fver c d e f boot0 boot1 filenameBload Bstrap Syntax help command-name Boot fver boot1Command-name Boot prompt command Boot help fver Help Link DWS-1008 CLI Manual 522 Displays a list of the boot prompt commandsSyntax ls Defaults None Next Syntax next Defaults None Resets a DWS-1008 switch’s hardware ResetSyntax reset Defaults None Boot Link DWS-1008 CLI Manual 524 Show Syntax show Defaults NoneBoot Type Change Create Delete Dhcp Next Link DWS-1008 CLI Manual 526 Boot Type Test Syntax version Defaults NoneVersion Syntax test on on OFF off Dir Fver Link DWS-1008 CLI Manual 528 Boot version

D-Link dws-1008 manual Clear security acl, Syntax clear security acl acl-name all editbuffer-index

Models: dws-1008

clear security acl

Syntax: clear security acl {acl-name all} [editbuffer-index]

all

Clears all security ACLs.

Defaults: None.

Access: Enabled.

DWS-1008#clear security acl acl_133

D-Link DWS-1008 CLI Manual