Configuration commands, Command summary for configuring acls, Command summary for configuring acls -43 – HP 6200YL User Manual
Page 219
IPv6 Access Control Lists (ACLs)
Configuration Commands
Create an IPv6 ACL
or
Add an ACE to the End
of an Existing IPv6
ACL
Configuration Commands
Command Summary for Configuring ACLs
ProCurve(config)# ipv6 access-list < name-str >
ProCurve(config-ipv6-acl)# < deny | permit >
< ipv6 | esp | ah | sctp | ipv6-protocol-nbr >
< any | host <SA > | SA/< prefix-length >>
< any | host < DA > | DA/< prefix-length >>
< tcp | udp >
< any | host <SA > | SA/< prefix-length > >
[comparison-operator < value >]
< any | host < DA > | DA/< prefix-length >>
[comparison-operator < value >]
[established]
1
[ack] [fin] [rst] [syn]
2
< icmp >
< any | host < SA > | SA /< prefix-length >>
< any | host < DA > | DA /< prefix-length >>
[ 0 - 255 [ 0 - 255 ] | icmp-message ]
[dscp < precedence | codepoint >]
[log]
3
Insert an ACE by
Assigning a Sequence
Number
ProCurve(config)# ipv6 access-list < name-str >
ProCurve(config-ipv6-acl)# < seq-# > < deny | permit >
The deny and permit keywords use the options shown above for “Create an IPv6
ACL”.
Delete an ACE or a
Remark by Sequence
Number
ProCurve(config)# ipv6 access-list < name-str >
ProCurve(config-ipv6-acl)# no < seq-# > [ remark ]
(Note: You can also delete an ACE by entering no < permit | deny > followed by the
settings explicitly configured for that ACE.)
Resequence the ACEs
ProCurve(config)# ipv6 access-list resequence < name-str >
in an ACL
< starting-# > < increment >.
1
TCP only.
2
TCP flag (control bit) options for destination TCP.
3
The log function is available only for “deny” ACLs, and generates a message only when there is a “deny” match.
— Continued —
8-43