D-Link dws-1008 D-Link DWS-1008 CLI Manual 488

D-Link DWS-1008 CLI Manual 488

Field Description

Number of rules Number of security ACEs currently mapped to ports or VLANs.

Number of leaf nodes Number of security ACL data entries stored in the rule tree.

Stored rule count Number of security ACEs stored in the rule tree.

Leaf chain count Number of chained security ACL data entries stored in the rule tree.

Longest leaf chain Longest chain of security ACL data entries stored in the rule tree.

Number of non-leaf nodes Number of nodes with no data entries stored in the rule tree.

Uncompressed Rule Count Number of security ACEs stored in the rule tree, including duplicates—ACEs in ACLs applied

to multiple ports, virtual ports, or VLANs.

Maximum node depth Number of data elements in the rule tree, from the root to the furthest data entry (leaf).

Sub-chain count Sum of action types represented in all security ACL data entries.

PSCBs in primary memory Number of pattern search control blocks (PSCBs) stored in primary node memory.

PSCBs in secondary

memory Number of PSCBs stored in secondary node memory.

Leaves in primary Number of security ACL data entries stored in primary leaf memory.

Leaves in secondary Number of ACL data entries stored in secondary leaf memory.

Sum node depth Total number of security ACL data entries.

Fragmentation control

Control value for handling fragmented IP packets.

Note: The current MSS version ﬁlters only the ﬁrst packet of a fragmented IP packet and

passes the remaining fragments.

UC switchdest

Control value for handling fragmented IP packets.

Note: The current MSS version ﬁlters only the ﬁrst packet of a fragmented IP packet and

passes the remaining fragments.

Port number

Control value for handling fragmented IP packets.

Note: The current MSS version ﬁlters only the ﬁrst packet of a fragmented IP packet and

passes the remaining fragments.

Number of action types Number of actions that can be performed by ACLs. This value is always 2, because ACLs

can either permit or deny.

LUdef in use Number of the lookup deﬁnition (LUdef) table currently in use for packet handling.

Default action pointer Memory address used for packet handling, from which default action data is obtained when

necessary.

L4 global

Security ACL mapping on the switch:

• True—Security ACLs are mapped.

• False—No security ACLs are mapped.

No rules

Security ACE rule mapping on the switch:

• True—No security ACEs are mapped.

• False—Security ACEs are mapped.

Non-IP rules

Non-IP security ACE mapping on the switch:

• True—Non-IP security ACEs are mapped.

• False—Only IP security ACEs are mapped.

Note: The current MSS version supports security ACEs for IP only.

Root in ﬁrst

Leaf buffer allocation:

• True - Enough primary leaf buffers are allocated in nonvolatile memory to accommodate

all leaves.

• False - Insufﬁcient primary leaf buffers are allocated in nonvolatile memory to accommodate

all leaves.