Command summary for configuring acls, Command summary for configuring acls -7 – HP 6200YL User Manual
Page 183
IPv6 Access Control Lists (ACLs)
Overview of Options for Applying IPv6 ACLs on the Switch
Command Summary for Configuring ACLs
Create an IPv6 ACL
or
Add an ACE to the End
of an Existing IPv6
ACL
ProCurve(config)# ipv6 access-list < name-str >
ProCurve(config-ipv6-acl)# < deny | permit >
< ipv6 | esp | ah | sctp | ipv6-protocol-nbr >
< any | host <SA > | SA/< prefix-length >>
< any | host < DA > | DA/< prefix-length >>
< tcp | udp >
< any | host <SA > | SA/< prefix-length > >
[comparison-operator < value >]
< any | host < DA > | DA/< prefix-length >>
[comparison-operator < value >]
[established]
1
[ack] [fin] [rst] [syn]
2
< icmp >
< any | host < SA > | SA /< prefix-length >>
< any | host < DA > | DA /< prefix-length >>
[ 0 - 255 [ 0 - 255 ] | icmp-message ]
[dscp < precedence | codepoint >]
[log]
3
Insert an ACE or a
ProCurve(config)# ipv6 access-list < name-str >
remark by Assigning a
ProCurve(config-ipv6-acl)# < seq-# > < deny | permit | remark>
Sequence Number
The deny and permit keywords use the options shown above for “Create an IPv6
ACL”.
Delete an ACE or a
ProCurve(config)# ipv6 access-list < name-str >
Remark (or both) by
ProCurve(config-ipv6-acl)# no < seq-# > [ remark ]
Sequence Number
(Note: You can also delete an ACE by entering no < permit | deny > followed by the
settings explicitly configured for that ACE.)
Resequence the ACEs
ProCurve(config)# ipv6 access-list resequence < name-str >
in an ACL
< starting-# > < increment >.
1
TCP only.
2
TCP flag (control bit) options for destination TCP.
3
The log function is available only for “deny” ACLs, and generates a message only when there is a “deny” match.
— Continued —
8-7