680 IPv6 Access Control List Commands
[{range {
portkey
|
startport
}
{
portkey
|
endport
} | {eq |
neq | lt | gt}
{
portkey
|
0-
65535
} ]
This option is available only if the protocol is TCP
or UDP.
Specifies the layer 4 port match condition for the
IPv6 ACL rule. A port number can be used, in the
range 0-65535, or the portkey, which can be one of
the following keywords:
◆ For TCP: bgp, domain, echo, ftp, ftp-data,
http, smtp, telnet, www, pop2, pop3
◆ For UDP: domain, echo, ntp, rip, snmp,
tftp, time, who.
Each of these keywords translates into its equivalent
port number.
When range is specified, IPv6 ACL rule matches
only if the layer 4 port number falls within the
specified portrange. The startport and endport
parameters identify the first and last ports that are
part of the port range. They have values from 0 to
65535. The ending port must have a value equal or
greater than the starting port. The starting port,
ending port, and all ports in between are part of the
layer 4 port range.
When eq is specified, IPv6 ACL rule matches only if
the layer 4 port number is equal to the specified port
number or portkey.
When lt is specified, IPv6 ACL rule matches if the
layer 4 port number is less than the specified port
number or portkey. It is equivalent to specifying the
range as 0 to <specified port number – 1>.
When gt is specified, IPv6 ACL rule matches if the
layer 4 port number is greater than the specified port
number or portkey. It is equivalent to specifying the
range as <specified port number + 1> to 65535.
When neq is specified, IPv6 ACL rule matches only
if the layer 4 port number is not equal to the
specified port number or portkey.
Two rules are added in the hardware one with range
equal to 0 to <specified port number - 1> and one
with range equal to <<specified port number + 1 to
65535>>
Parameter Description
To Next Page
Loading...
