Command Reference ACL Commands
sender-mac
|
any
} {
target-ip target-ip
–wildcard
|
host
target-ip
|
any
}
5. Extended IPv6 ACL
[
sn
]
deny protocol
{
source-ipv6-prefix
/
prefix-length
|
any
|
host
source-ipv6-address
}
{
destination-ipv6-prefix / prefix-length
|
any
|
hostdestination-ipv6-address
} [
dscp
dscp
] [
flow-label
flow-label
] [
fragment
] [
range
lower
upper
] [
time-range
time-range-name
]
Extended ipv6 ACLs of some important protocols:
Internet Control Message Protocol
(ICMP)
[
sn
]
deny icmp
{
source-ipv6-prefix / prefix-length | any
source-ipv6-address
|
host
}
{
destination-ipv6-prefix
/
prefix-length
|
host
destination-ipv6-address
|
any
} [
icmp-type
] [[
icmp-type
[
icmp-code
]] | [
icmp-message
]] [
dscp
dscp
] [
flow-label
flow-label
] [
fragment
] [
time-range
time-range-name
]
Transmission Control Protocol
(TCP)
[
sn
]
deny tcp
{
source-ipv6-prefix / prefix-length
|
host
source-ipv6-address
|
any
}[
operator
port
[
port
]]
{
destination-ipv6-prefix
/
prefix-length
|
host
destination-ipv6-address
|
any
} [
operator
port
[
port
]]
[
dscp
dscp
] [
flow-label
flow-label
] [
fragment
] [
range
lower
upper
] [
time-range
time-range-name
]
[
match-all
tcp-flag |
established
]
User Datagram Protocol
(UDP)
[sn]
deny udp
{
source-ipv6-prefix/prefix-length
|
host
source-ipv6-address
|
any
} [
operator
port
[
port
]] {
destination-ipv6-prefix /prefix-length
|
host
destination-ipv6-address
|
any
}[
operator
port
[
port
]] [
dscp
dscp
] [
flow-label
flow-label
] [
fragment
] [
range
lower
upper
] [
time-range
time-range-name
]
Parameter
Description
Parameter
Description
sn
ACL entry sequence number
source-ipv6-prefix
Source IPv6 network address or network type
destination-ipv6-prefix
Destination IPv6 network address or network type
prefix-length
Prefix mask length
source-ipv6-address
Source IPv6 address
destination-ipv6-address
Destination IPv6 address
dscp
Differential Service Code Point
dscp
Code value, within the range of 0 to 63
flow-label
Flow label
flow-label
Flow label value, within the range of 0 to 1048575.
protocol
For the IPv6, the field can be ipv6 | icmp | tcp | udp and number in the
range 0 to 255
time-range
Time range of the packet filtering
time-range-name
Time range name of the packet filtering
Defaults
No entry
Command
mode
ACL configuration mode.
Содержание RG-S29 Series
Страница 1: ...RG S29 Series Switch RGOS Command Reference Release 11 4 1 B12...
Страница 10: ...Command Reference Command Line Interface Commands Platform Description N A...
Страница 93: ...Command Reference Line Commands Description...
Страница 236: ...Command Reference PoE Management Commands Related Commands Command Description N A N A Platform Description N A...
Страница 248: ...Command Reference PKG_MGMT Commands...
Страница 332: ...Command Reference Protocol VLAN Commands Commands N A N A Platform Description...
Страница 350: ...Command Reference Voice VLAN Commands Description...
Страница 430: ...Command Reference LLDP Commands Description...
Страница 467: ...Command Reference ERPS Commands Commands N A N A Platform Description N A...
Страница 541: ...Command Reference IPv6 Commands Platform Description N A...
Страница 858: ...Command Reference NSM Commands Description N A N A Defaults N A Command Mode Privileged EXEC mode Usage guideline N A...
Страница 914: ...Multicast Commands 1 IPv4 Multicast Routing Commands 2 IGMP Snooping Commands...
Страница 1092: ...Configuration Guide SCC Commands Platforms N A...
Страница 1196: ...Configuration Guide IPv6 Source Guard Commands Platform Description N A...
Страница 1290: ...ACL QoS Configuration Commands 1 ACL Commands 2 QoS Commands...