24 permit | deny(ipv6 standard) – Accton Technology ES4626 User Manual

Page 771

Advertising
background image

771

<dIPv6Addr>}} [<icmp-type> [<icmp-code>]] [dscp <dscp>] [flow-label <fl>]

[no] {deny | permit} tcp {<sIPv6Prefix/sPrefixlen> | any | {host <sIPv6Addr>}}

[s-port <sPort>] {<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination

<dIPv6Addr>}} [d-port <dPort>] [syn | ack | urg | rst | fin | psh] [dscp <dscp>]

[flow-label <fl>]

[no] {deny | permit} udp {<sIPv6Prefix/sPrefixlen> | any | {host <sIPv6Addr>}}

[s-port <sPort>] {<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination

<dIPv6Addr>}} [d-port <dPort>] [dscp <dscp>] [flow-label <fl>]

[no] {deny | permit} <proto> {<sIPv6Prefix/sPrefixlen> | any | {host

<sIPv6Addr>}} {<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination

<dIPv6Addr>}} [dscp <dscp>] [flow-label <fl>]

Function:

Create an extended nomenclature IPv6 access control rule for specific IPv6

protocol.

Parameter:<sIPv6Addr>

is the source IPv6 address;<sPrefixlen> is the length of the

IPv6 address prefix,the range is 1 ~ 128;<dIPv6Addr> is the destination IPv6

address;<dPrefixlen> is the length of the IPv6 address prefix,the range is 1 ~

128;<igmp-type>,type of the igmp;<icmp-type>,icmp type;<icmp-code>,icmp protocol
number;<dscp>,IPv6 priority ,the range is 0~63;<fl>,value of the flow label,the range

is 0 ~ 1048575;syn,ack,urg,rst,fin,psh,tcp label position;<sPort>,source port

number,the range is 0~65535;<dPort>,destination port number, the range is 0~

65535;

Command Mode:

IPv6 nomenclature extended access control list mode

Default:

No access control list configured

Example:

Create an extended access control list named udpFlow, denying the igmp

packets while allowing udp packets with destination address 2001:1:2:3::1 and

destination port 32.

Switch(Config)#ipv6 access-list extended udpFlow

Switch(Config-Ext-Nacl-udpFlow)#ipv6 access-list 110 deny igmp any any-destination

Switch(Config-Ext-Nacl-udpFlow)#ipv6 access-list 110 permit udp any host-destination

2001:1:2:3::1 dPort 32

18.2.2.24 permit | deny(ipv6 standard)

Command: [no] {deny | permit} {{<sIPv6Prefix/sPrefixlen>} | any | {host

<sIPv6Addr>}}

Function:

Create a standard nomenclature IPv6 access control rule; the “no” form of this

command deletes the nomenclature standard IPv6 access control rule.

Parameter:<sIPv6Prefix>

is the prefix of the source IPv6 address,<sPrefixlen> is the

Advertising
This manual is related to the following products:

ES4650, ES4624-SFP, ES4626-SFP

Popular Brands
Popular manuals