Command Manual – ACL
H3C S7500E Series Ethernet Switches Chapter 1 ACL Configuration Commands
1-30
deny: Defines a deny statement to drop matched packets.
permit: Defines a permit statement to allow matched packets to pass.
protocol: Protocol carried on IPv6. It can be a number in the range 0 to 255, or in words,
gre (47), icmpv6 (58), ipv6, ipv6-ah (51), ipv6-esp (50), ospf (89), tcp (6), udp (17).
Table 1-9 Match criteria and other rule information for advanced IPv6 ACL rules
Parameters Function Description
source { source
source-prefix |
source/source-prefix
| any }
Specifies a source
IPv6 address.
The source and source-prefix
arguments specify an IPv6 source
address and its prefix length in the
range 1 to 128.
The any keyword indicates any IPv6
source address.
destination { dest
dest-prefix |
dest/dest-prefix |
any }
Specifies a
destination IPv6
address.
The dest and dest-prefix arguments
specify a destination IPv6 address,
and its prefix length in the range 1 to
128.
The any keyword indicates any IPv6
destination address.
dscp dscp
Specifies a DSCP
preference
The dscp argument can be a
number in the range 0 to 63, or in
words, af11(10), af12(12), af13(14),
af21(18), af22(20), af23(22),
af31(26), af32(28), af33(30),
af41(34), af42(36), af43(38),
cs1(8), cs2(16), cs3(24), cs4(32),
cs5(40), cs6(48), cs7(56),
default(0), or ef(46).
logging
Specifies to log
matched packets
––
fragment
Specifies that the rule
applies to only IP
fragments.
––
time-range
time-name
Specifies the time
range in which the
rule can take effect.
The time-name argument
comprises 1 to 32 characters. It is
case insensitive and must start with
an English letter. To avoid
confusion, this name cannot be all.
If the protocol argument is set to tcp or udp, you may define the parameters in the
following table.
To Next Page
Loading...
Need help?
General
