C613-50100-01 REV C Command Reference for x930 Series 1957
AlliedWare Plus™ Operating System - Version 5.4.6-1.x
IPV6 HARDWARE ACCESS CONTROL LIST (ACL) COMMANDS
(IPV6 ACCESS-LIST NAMED TCP UDP FILTER)
(ipv6 access-list named TCP UDP filter)
Overview Use this ACL filter to add a filter entry for an IPv6 source and destination address
and prefix, with TCP (Transmission Control Protocol) or UDP (User Datagram
Protocol) source and destination ports specified, to the current named IPv6
access-list.
If you specify a sequence number, the new entry is inserted at the specified
location. Otherwise, the new entry is added at the end of the access-list.
Note that specifying the send-to-cpu parameter could result in EPSR healthcheck
messages and other control packets being dropped.
The no variant of this command removes a filter entry for an IPv6 source and
destination address and prefix, with TCP or UDP source and destination ports
specified, from the current named IPv6 access-list. You can specify the filter entry
for removal by entering either its sequence number, or its filter entry profile.
Syntax
[<sequence-number>]
{deny|permit|send-to-cpu|send-to-mirror|copy-to-cpu|
copy-to-mirror} {tcp|udp}
{<ipv6-source-prefix/prefix-length>|
<ipv6-source-address> <ipv6-source-wildcard>|
host <ipv6-source-host>|any}
{eq <sourceport>|lt <sourceport>|gt <sourceport>|
ne <sourceport>|range <start-range> <end-range>]}
{<ipv6-destination-prefix/prefix-length>|
<ipv6-destination-address> <ipv6-destination-wildcard>|
host <ipv6-destination-host>|any}
{[eq <destport>|lt <destport>|gt <destport>|
ne <destport>|range <start-range> <end-range>]} [vlan <1-4094>]
no {deny|permit|send-to-cpu|send-to-mirror|copy-to-cpu|
copy-to-mirror} {tcp|udp}
{<ipv6-source-prefix/prefix-length>|
<ipv6-source-address> <ipv6-source-wildcard>|
host <ipv6-source-host>|any}
{eq <sourceport>|lt <sourceport>|gt <sourceport>|
ne <sourceport>|range <start-range> <end-range>]}
{<ipv6-destination-prefix/prefix-length>|
<
ipv6-destination-address> <ipv6-destination-wildcard>|
host <ipv6-destination-host>|any}
{eq <destport>|lt <destport>|gt <destport>|
ne <destport>}|range <start-range> <end-range>} [vlan <1-4094>]
no <sequence-number>
Parameter Description
<sequence-number> The sequence number for the filter entry of the
selected access control list, from 1 to 65535.
deny Specify packets to reject.
permit Specifies the packets to permit.
To Next Page
Loading...
Need help?
General
