PLANET XGS3-24040 User Manual

Chapter 46 ACL Configuration

46-12

（10） Configuring a numbered standard IPV6 access-list

Command

Explanation

Global Mode

ipv6 access-list <num> {deny | permit} {{<sIPv6Addr>

<sPrefixlen>} | any-source | {host-source

<sIpv6Addr>}}

no ipv6 access-list <num>

Creates a numbered standard

IPV6 access-list, if the

access-list already exists, then

a rule will add to the current

access-list;

the “no

access-list <num>“ command

deletes a numbered standard

IPv6 access-list.

（11） Configuring a numbered extensive IPV6 access-list

Command

Explanation

Global Mode

ipv6 access-list <num-ext> {deny | permit} icmp

{{<sIPv6Prefix/sPrefixlen>} | any-source |

{host-source <sIPv6Addr>}}

{<dIPv6Prefix/dPrefixlen> | any-destination |

{host-destination <dIPv6Addr>}} [<icmp-type>

[<icmp-code>]] [dscp <dscp>] [flow-label

<flowlabel>] [time-range <time-range-name>]

Creates a numbered

extended IPV6 access-list, if

the access-list already exists,

then a rule will add to the

current access-list; the no

ipv6 access-list

<num>

command deletes a

numbered standard IPV6

access-list.

ipv6 access-list <num-ext> {deny | permit} tcp

{{<sIPv6Prefix/<sPrefixlen>} | any-source |

{host-source <sIPv6Addr>}} [s-port { <sPort> | range

<sPortMin> <sPortMax> }] {{<

dIPv6Prefix/<dPrefixlen>} | any-destination |

{host-destination <dIPv6Addr>}} [dPort { <dPort> |

range <sPortMin> <sPortMax> }] [syn | ack | urg | rst |

fin | psh] [dscp <dscp>] [flow-label <flowlabel>]

[time-range <time-range-name>]

ipv6 access-list <num-ext> {deny | permit} udp

{{<sIPv6Prefix/<sPrefixlen>} | any-source |

{host-source <sIPv6Addr>}} [s-port { <sPort> | range

<sPortMin> <sPortMax> }]

{{<dIPv6Prefix/<dPrefixlen>} | any-destination |

{host-destination <dIPv6Addr>}} [dPort { <dPort> |

range <sPortMin> <sPortMax> }] [dscp <dscp>]

[flow-label <flowlabel>] [time-range