DGS-6604
m
permit | deny (ipv6 access list)
CLI Reference Guide
476
permit | deny (ipv6 access list)
Use the
permit
command to add an entry to the IPv6 access-list. Use the
no
permit
command to remove a permit entry from the IPv6 access-list. Use the
deny
command to add a deny entry to the IPv6 access-list. Use the
no deny
command to remove a deny entry from the IPv6 access-list.
{permit | deny} {tcp | udp} {any | host
SRC-IPV6-ADDR | SRC-IPV6-ADDR
MASK} [OPERATOR PORT] {
any | host
DST-IPV6-ADDR | DST-IPV6-ADDR
MASK} [OPERATOR PORT]
[traffic-class
TRAFFIC-CLASS] [
time-range
PROFILE-NAME] [
priority
PRIORITY]
{permit | deny} [icmpv6 | ospfv3 | nextheader
NEXTHEADER] {
any | host
SRC-IPV6-ADDR | SRC-IPV6-ADDR MASK} {
any | host
DST-IPV6-ADDR |
DST-IPV6-ADDR MASK} [
traffic-class
TRAFFIC-CLASS] [
time-range
PROFILE-NAME] [
priority
PRIORITY]
no {permit | deny} {tcp | udp} {any | host
SRC-IPV6-ADDR | SRC-IPV6-ADDR
MASK} [OPERATOR PORT] {
any | host
DST-IPV6-ADDR | DST-IPV6-ADDR
MASK} [OPERATOR PORT]
[traffic-class
TRAFFIC-CLASS]
[time-range]
no {permit | deny} [icmpv6 | ospfv3 |nextheader
NEXTHEADER] {
any | host
SRC-IPV6-ADDR | SRC-IPV6-ADDR MASK} {
any | host
DST-IPV6-ADDR |
DST-IPV6-ADDR MASK}
[traffic-class
TRAFFIC-CLASS]
[time-range]
Syntax Description
Any
An abbreviation for the IPv6 prefix ::/0
host
SRC-IPV6-ADDR
Specifies a specific source IPv6 address.
SRC-IPV6-ADDR MASK
Specifies a source IPv6 addresses by using a mask.
host
DST-IPV6-ADDR
Specifies a specific destination IPv6 address.
DST-IPV6-ADDR MASK
Specifies a group of destination IPv6 addresses by using a mask.
tcp, udp, icmpv6, ospfv3
L4 protocol type of the next header in the IPv6 header.
nextheader
NEXTHEADER
The value of the nextheader in IPv6 header. The range is from 0 to 255
traffic-class
TRAFFIC-
CLASS
(Optional) Specifies the traffic class value in IPv6 header. The acceptable
range is from 0 to 255.
OPERATOR PORT
(Optional) Compares source or destination port. OPERATOR can be
lt
(less
than, match on a lower port number),
gt
(greater than, match on a greater
port),
eq
(equal, match on a specific port).
The PORT argument can be the L4 TCP/UDP source or destination port.
The acceptable range is from 0 to 65535 for
eq
operator. The acceptable
range is from 0 to 65534 for
gt
operator. The acceptable range is from 1 to
65534 for
lt
operator
time-range
(Optional) Specifies the name of time-period profile for activation the access-
list.