access-list ipv6 Configuring Access Control Lists
Enterasys C3 Configuration Guide 34-11
Defaults
If insert, replace, or move are not specified, the new entry will be appended to the access list.
Mode
Global configuration: C3(su)->router(Config)#
protocol Specifies an IP protocol for which to deny or permit access. The protocol
can be specified by keyword, or by a hexidecimal value between 0x0
and 0xFF, or by a decimal value between 0 and 255. Keywords and their
corresponding protocols are:
•ipv6 - Any IPv6 protocol
• udp - User Datagram Protocol
• tcp - Transmission Control Protocol
• icmpv6 - V6 Internet Control Message Protocol
srcipv6-addr/prefix-
length | any
Specifies a source IPv6 address and prefix length. If any is specified, any
IPv6 address can be the source.
dstipv6-addr/prefix-
length | any
Specifies a destination IPv6 address and prefix length. If any is
specified, any IPv6 address can be the destination.
eq port (Optional) Specifies the layer 4 port match. Ports can be identified by
keyword or number.
Port numbers can range from 0 to 65535.
Keywords are: domain, echo, ftp, ftpdata, http, smtp, snmp, tftp, www.
dscp dscp (Optional) Specifies a DiffServe Code Point (DSCP) value to match
against this packet’s DSCP code. Valid values are a number from 0 to 63
or one of the following keywords:
• af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, af44,
– Assured Forwarding
• be / cs0 – best effort
• cs1 - cs7 – Class Selector
• ef – Expedited Forwarding
flow-label label-value (Optional) Specifies a flow label value to match. The label-value can
range from 0 to 1048575.
insert | replace
entryno
(Optional) Inserts this new entry before a specified entry in an existing
ACL, or replaces a specified entry with this new entry.
move destination
source1 [source2]
(Optional) Moves a sequence of access list entries before another entry.
Destination is the number of the existing entry before which this new
entry will be moved. Source1 is a single entry number or the first entry
number in the range to be moved. Source2 (optional) is the last entry
number in the range to be moved. If source2 is not specified, only the
source1 entry will be moved.
assign-queue queue-id (Optional) Specifies the queue to which a packet matching the permit
rule will be assigned. Valid values for queue-id are from 0 to 5.
To Next Page
Loading...
Need help?
General