PLANET XGS3-24042 User Manual

Page 948

Advertising
background image

47-14

{host-source <sIPv6Addr> }} [s-port { <sPort> | range <sPortMin> <sPortMax> }]

{{ <dIPv6Prefix/<dPrefixlen> } | any-destination | {host-destination <dIPv6Addr> }} [dPort

{ <dPort> | range <dPortMin> <dPortMax> }] [dscp <dscp> ] [flow-label

<flowlabel> ][time-range <time-range-name> ]

ipv6 access-list <num-ext> {deny | permit} <next-header> { <sIPv6Prefix/sPrefixlen> |

any-source | {host-source <sIPv6Addr> }} { <dIPv6Prefix/dPrefixlen> | any-destination |

{host-destination <dIPv6Addr> }} [dscp <dscp> ] [flow-label <fl> ][time-range

<time-range-name> ]

no ipv6 access-list { <num-std> | <num-ext> }

Functions:

Creates a numbered standard IP access-list, if the access-list already exists, then a rule will add to

the current access-list; the “no access-list {<num-std>|<num-ext>} “command deletes a

numbered standard IP access-list.

Parameters:

<num-std> is the list number, list range is between 500~599; <num-ext> is the list number, list

range is between 600~699; <sIPv6Prefix> is the prefix of the ipv6 source address; <sPrefixlen>

is the length of prefix of the ipv6 source address, range is between 1~128; <sIPv6Addr> is the

ipv6 source address; <dIPv6Prefix> is the prefix of the ipv6 destination address; <dPrefixlen> is

the length of prefix of the ipv6 destination address, range is between 1~128; <dIPv6Addr> is the

ipv6 destination address; <icmp-type>, the type of icmp; <icmp-code>,the protocol code of icmp;

<dscp>,IPv6 priority, range from 0 to 63; <flowlabel>,value of flow tag, range from 0 to 1048575;

synackurgrstfinpshtcp label position; <sPort>, source port No., 0-65535; <sPortMin>,

the down boundary of source port; <sPortMax>, the up boundary of source port; <dPort>,

destination port No., range from 0 to 65535; <dPortMin>, the down boundary of destination port;

<dPortMax>, the up boundary of destination port; <next-header>,the next header of IPv6, range

from 0 to 255; <time-range-name>, the name of time-range.

Command Mode:

Global Mode.

Default:

No access-list configured.

Usage Guide:

Creates a numbered 520 standard IP access-list first time, the following configuration will add to the

current access-list.

Examples:

Creates a numbered 520 standard IP access-list, allow the source packet from 2003:1:2:3::1/64

pass through the net, and deny all the other packet from the source address 2003:1:2::1/48 pass

through.

Advertising
This manual is related to the following products:

XGS3-24242

Popular Brands
Popular manuals