Command Reference ACL Commands
sender-mac | any} {target-ip target-ip–wildcard | host target-ip | any}
[sn] deny protocol{source-ipv6-prefix/prefix-length | any | host source-ipv6-address }
{destination-ipv6-prefix / prefix-length | any| hostdestination-ipv6-address} [dscp dscp] [flow-label
flow-label] [fragment] [range lower upper] [time-range time-range-name]
Extended ipv6 ACLs of some important protocols:
Internet Control Message Protocol (ICMP)
[sn]deny icmp {source-ipv6-prefix / prefix-length | any source-ipv6-address | host}
{destination-ipv6-prefix / prefix-length| host destination-ipv6-address | any} [icmp-type] [[icmp-type
[icmp-code]] | [icmp-message]] [dscp dscp] [flow-label flow-label] [fragment] [time-range
time-range-name]
Transmission Control Protocol (TCP)
[sn] deny tcp {source-ipv6-prefix / prefix-length | hostsource-ipv6-address | any}[operator port[port]]
{destination-ipv6-prefix /prefix-length | host destination-ipv6-address | any} [operator port [port]]
[dscp dscp] [flow-label flow-label] [fragment] [range lower upper] [time-range time-range-name]
[match-all tcp-flag | established]
User Datagram Protocol (UDP)
[sn] deny udp {source-ipv6-prefix/prefix-length | host source-ipv6-address | any} [operator port
[port]] {destination-ipv6-prefix /prefix-length | host destination-ipv6-address | any}[operator port
[port]] [dscp dscp] [flow-label flow-label] [fragment] [range lower upper] [time-range
time-range-name]
ACL entry sequence number
Source IPv6 network address or network type
Destination IPv6 network address or network type
Differential Service Code Point
Code value, within the range of 0 to 63
Flow label value, within the range of 0 to 1048575.
For the IPv6, the field can be ipv6 | icmp | tcp | udp and number in the
range 0 to 255
Time range of the packet filtering
Time range name of the packet filtering
To Next Page
Loading...
Need help?
General