14-27
Parameters
rule-id
: IPv6 ACL rule number, in the range 0 to 65534.
deny
: Drops matched packets.
permit
: Allows matched packets to pass.
protocol
: Protocol carried over IPv6. It can be a number in the range 0 to 255, or in words,
gre
(47),
icmpv6
(58),
ipv6
,
ipv6-ah
(51),
ipv6-esp
(50),
ospf
(89),
tcp
(6), or
udp
(17).
shows the
parameters that can be specified after the
protocol
argument.
Table 14-9
Match criteria and other rule information for advanced IPv6 ACL rules
Parameters
Function
Description
source
{
source
source-prefix |
source/source-prefix
|
any
}
Specifies a source IPv6
address.
The
source
and
source-prefix
arguments
specify an IPv6 source address and its
prefix length in the range 1 to 128.
The
any
keyword indicates any IPv6
source address.
destination
{
dest
dest-prefix |
dest/dest-prefix |
any
}
Specifies a destination IPv6
address.
The
dest
and
dest
-
prefix
arguments
specify a destination IPv6 address, and its
prefix length in the range 1 to 128.
The
any
keyword indicates any IPv6
destination address.
dscp
dscp
Specifies a DSCP
preference
The
dscp
argument can be a number in the
range 0 to 63, or in words,
af11
(10),
af12
(12),
af13
(14),
af21
(18),
af22
(20),
af23
(22),
af31
(26),
af32
(28),
af33
(30),
af41
(34),
af42
(36),
af43
(38),
cs1
(8),
cs2
(16),
cs3
(24),
cs4
(32),
cs5
(40),
cs6
(48),
cs7
(56),
default
(0), or
ef
(46).
logging
Specifies to log matched
packets
This function requires that the module
using the ACL support logging.
fragment
Indicates that the rule
applies to only non-first
fragments.
Without this keyword, the rule applies to all
fragments and non-fragments.
time-range
time-range-name
Specifies the time range in
which the rule takes effect.
The
time-range-name
argument is a case
insensitive string of 1 to 32 characters. It
must start with an English letter and
cannot be the English word of all to avoid
confusion.
Setting the
protocol
argument to
tcp
or
udp
, you may define the parameters shown in
Summary of Contents for E4510-48G
Page 109: ...2 18 Sysname interface bridge aggregation 1 Sysname Bridge Aggregation1 shutdown ...
Page 309: ...6 4 Sysname interface vlan interface 1 Sysname Vlan interface1 ip address dhcp alloc ...
Page 324: ...8 3 Sysname interface vlan interface 1 Sysname Vlan interface1 ip address bootp alloc ...
Page 530: ...2 5 Sysname mvlan 100 subvlan 10 to 15 ...
Page 739: ...8 15 Sysname system view Sysname port security trap addresslearned ...
Page 819: ...13 11 Sysname system view Sysname public key peer key2 import sshkey key pub ...
Page 914: ...5 17 Sysname reset oam ...
Page 1064: ...5 30 Slot 2 Set next configuration file successfully ...
Page 1325: ...21 13 Examples Redirect to member 2 Sysname irf switch to 2 Sysname Slave 2 ...