MES53xx, MES33xx, MES23xx Ethernet Switch Series 178
| [ace-priority index]
deny igmp {any | source source_wildcard}
{any | destination destination_wildcard}
[igmp_type]
[dscp dscp | precedence precedence]
time_name] [ace-priority index]
[disable-port | log-input]
Add a deny filtering entry for the IGMP. The packets that meet the entry's
conditions will be blocked by the switch. If the disable-port keyword is
specified, the physical interface receiving the packet will be disabled. If
the log-input keyword is specified, a message will be sent to the system
log.
deny tcp {any |source source_wildcard}
{any | source_port}
{any | destination destination_wildcard}
{any | destination_port}
[dscp dscp | precedence precedence]
[ list_of_flags] [time-range time_name]
[ace-priority index] [disable-port | log-input]
Add a deny filtering entry for the TCP. The packets that meet the entry's
conditions will be blocked by the switch. If the disable-port keyword is
specified, the physical interface receiving the packet will be disabled. If
the log-input keyword is specified, a message will be sent to the system
log.
deny udp{any |source source_wildcard}
{any | source_port}
{any | destination destination_wildcard}
{any | destination_port}
[dscp dscp | precedence precedence]
time_name] [ace-priority index]
[disable-port | log-input]
Add a deny filtering entry for UDP. The packets that meet the entry's
conditions will be blocked by the switch. If the disable-port keyword is
specified, the physical interface receiving the packet will be disabled. If
the log-input keyword is specified, a message will be sent to the system
log.
11.3.2 IPv6 ACL Configuration
This section provides description of main parameters and their values for IPv6-based ACL
configuration commands.
In order to create an IPv6-based ACL and enter its configuration mode, use the following command:
ipv6 access-list access-list. For example, to create the MESipv6 ACL, the following commands
should be executed:
console#
console# configure
console(config)# ipv6 access-list extended MESipv6
console(config-ipv6-al)#
Table 5.206. Main command parameters
Create a ‘permit’ filtering rule in the ACL.
Create a ‘deny’ filtering rule in the ACL.
This field is used to specify the protocol value (or all protocols)
which will be used to filter traffic. The following protocol
values are available: icmp, tcp, udp, or the protocol number –
icmp (58), tcp (6), udp (17).
To match all protocols, specify the value ipv6.
Source address and its
length
Define the IPv6 address and prefix length (0 – 128) (the
number of the most significant bits in the address) of the
packet source.
destination_prefix/length
Destination address and its
length
Define the IPv6 address and prefix length (0 – 128) (the
number of the most significant bits in the address) of the
packet destination.
The DSCP field in the L3
header
Specify the value of the diffserv DSCP field. Possible message
codes for the dscp field: (0 – 63).
Specify the priority of IP traffic: (0 - 7).
Name of the time-range
configuration profile
Specify configuration of time periods.
To Next Page
Loading...
Need help?
General
