20 permit | deny(ipv6 extended), Permit, Deny – PLANET WGSW-52040 User Manual

Page 616: Extended

Advertising
background image

38-156

38.20 permit | deny(ipv6 extended)

Command:

[no] {deny | permit} icmp {{<sIPv6Prefix/sPrefixlen>} | any-source | {host-source <sIPv6Addr>}}

{<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}} [<icmp-type> [<icmp-code>]]

[dscp <dscp>] [flow-label <fl>][time-range <time-range-name>]

[no] {deny | permit} tcp { <sIPv6Prefix/sPrefixlen> | any-source | {host-source <sIPv6Addr> }} [s-port

{ <sPort> | range <sPortMin> <sPortMax> }] { <dIPv6Prefix/dPrefixlen> | any-destination | {host-destination

<dIPv6Addr> }} [d-port { <dPort> | range <dPortMin> <dPortMax> }] [syn | ack | urg | rst | fin | psh] [dscp

<dscp> ] [flow-label <fl> ][time-range <time-range-name> ]

[no] {deny | permit} udp { <sIPv6Prefix/sPrefixlen> | any-source | {host-source <sIPv6Addr> }} [s-port

{ <sPort> | range <sPortMin> <sPortMax> }] { <dIPv6Prefix/dPrefixlen> | any-destination | {host-destination

<dIPv6Addr> }} [d-port { <dPort> | range <dPortMin> <dPortMax> }] [dscp <dscp> ] [flow-label

<fl> ][time-range <time-range-name> ]

[no] {deny | permit} <next-header> {<sIPv6Prefix/sPrefixlen> | any-source | {host-source <sIPv6Addr>}}

{<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}} [dscp <dscp>] [flow-label

<fl>][time-range <time-range-name>]

[no] {deny | permit} {<sIPv6Prefix/sPrefixlen> | any-source | {host-source <sIPv6Addr>}}

{<dIPv6Prefix/dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}} [dscp <dscp>] [flow-label <fl>]

[time-range<time-range-name>]

Function:

Create an extended nomenclature IPv6 access control rule for specific IPv6 protocol.

Parameter:

<sIPv6Addr> is the source IPv6 address; <sPrefixlen> is the length of the IPv6 address prefix, the range is 1~128;

<dIPv6Addr> is the destination IPv6 address; <dPrefixlen> is the length of the IPv6 address prefix, the range is 1~

128; <igmp-type>, type of the IGMP; <icmp-type>, icmp type; <icmp-code>, icmp protocol number; <dscp>, IPv6

priority ,the range is 0 ~ 63; <flowlabel>, value of the flow label, the range is 0 ~ 1048575;

syn,ack,urg,rst,fin,psh,tcp label position; <sPort>, source port number, the range is 0~65535;

<sPortMin>, the

down boundary of source port; <sPortMax>, the up boundary of source port; <dPort>, destination port number, the

range is 0~ 65535; <dPortMin>, the down boundary of destination port; <dPortMax>, the up boundary of

destination port. <next-header>, the IPv6 next-header. <time-range-name>, time range name.

Command Mode:

IPv6 nomenclature extended access control list mode

Default:

No access control list configured.

Advertising
See also other documents in the category PLANET Routers: