Brocade Communications Systems ServerIron ADX 12.4.00a User Manual
Page 106
92
ServerIron ADX Security Guide
53-1002440-03
IACL overview
3
<ipv6-source-prefix>/<prefix-length
>
The <ipv6-source-prefix>/<prefix-length> parameter specify a source prefix
and prefix length that a packet must match for the specified action (deny or
permit) to occur. You must specify the <ipv6-source-prefix> parameter in
hexadecimal using 16-bit values between colons as documented in RFC
2373. You must specify the <prefix-length> parameter as a decimal value. A
slash mark (/) must follow the <ipv6-prefix> parameter and precede the
<prefix-length> parameter.
<ipv6-destination-prefix>/<prefix-l
ength>
The <ipv6-destination-prefix>/<prefix-length> parameter specify a
destination prefix and prefix length that a packet must match for the
specified action (deny or permit) to occur. You must specify the
<ipv6-destination-prefix> parameter in hexadecimal using 16-bit values
between colons as documented in RFC 2373. You must specify the
<prefix-length> parameter as a decimal value. A slash mark (/) must follow
the <ipv6-prefix> parameter and precede the <prefix-length> parameter
any
When specified instead of the <ipv6-source-prefix>/<prefix-length> or
<ipv6-destination-prefix>/<prefix-length> parameters, matches any IPv6
prefix and is equivalent to the IPv6 prefix::/0.
host
Allows you specify a host IPv6 address. When you use this parameter, you
do not need to specify the prefix length. A prefix length of all128 is implied.
icmp-message
ICMP packets are filtered by ICMP messages. See the "Configuring IPv6
ICMP Features" section of the "Configuring IPv6 Connectivity" chapter of the
ServerIron ADX TrafficWorks Switching and Routing Guide.
tcp
Indicates the you are filtering TCP packets.
udp
Indicates the you are filtering UDP packets.
<ipv6-source-prefix>/<prefix-length
>
The <ipv6-source-prefix>/<prefix-length> parameter specify a source prefix
and prefix length that a packet must match for the specified action (deny or
permit) to occur. You must specify the <ipv6-source-prefix> parameter in
hexadecimal using 16-bit values between colons as documented in RFC
2373. You must specify the <prefix-length> parameter as a decimal value. A
slash mark (/) must follow the <ipv6-prefix> parameter and precede the
<prefix-length> parameter.
<ipv6-destination-prefix>/<prefix-l
ength>
The <ipv6-destination-prefix>/<prefix-length> parameter specify a
destination prefix and prefix length that a packet must match for the
specified action (deny or permit) to occur. You must specify the
<ipv6-destination-prefix> parameter in hexadecimal using 16-bit values
between colons as documented in RFC 2373. You must specify the
<prefix-length> parameter as a decimal value. A slash mark (/) must follow
the <ipv6-prefix> parameter and precede the <prefix-length> parameter
any
When specified instead of the <ipv6-source-prefix>/<prefix-length> or
<ipv6-destination-prefix>/<prefix-length> parameters, matches any IPv6
prefix and is equivalent to the IPv6 prefix::/0.
host
Allows you specify a host IPv6 address. When you use this parameter, you
do not need to specify the prefix length. A prefix length of all128 is implied.
TABLE 6
Syntax Descriptions
Arguments...
Description...