Parameters
Defaults
Command Modes
696
|
IPv6 Access Control Lists (IPv6 ACLs)
source address
mask
any
host ipv6-address
operator
port port
destination address
bit
count
byte
log
monitor
Not configured.
ACCESS-LIST
Enter the IPv6 address of the network or host from which the packets were sent
x:x:x:x::x
in the
format followed by the prefix length in the
Range: /0 to /128
::
The
notation specifies successive hexadecimal fields of zero.
Enter a network mask in /prefix format (
any
Enter the keyword
to specify that all routes are subject to the filter.
host
Enter the keyword
followed by the IPv6 address of the host in the
x:x:x:x::x
format.
::
The
notation specifies successive hexadecimal fields of zero
(OPTIONAL) Enter one of the following logical operand:
eq
•
= equal to
neq
•
= not equal to
gt
•
= greater than
lt
•
= less than
range
•
= inclusive range of ports (you must specify two port for the
parameter.)
Enter the application layer port number. Enter two port numbers if using the
range logical operand.
Range: 0 to 65535.
The following list includes some common TCP port numbers:
23 = Telnet
20 and 21 = FTP
25 = SMTP
169 = SNMP
Enter the IPv6 address of the network or host to which the packets are sent in
x:x:x:x::x
the
format followed by the prefix length in the
Range: /0 to /128
::
The
notation specifies successive hexadecimal fields of zero.
Enter a flag or combination of bits:
ack:
acknowledgement field
fin
: finish (no more data from the user)
psh:
push function
rst:
reset the connection
syn:
synchronize sequence numbers
urg:
urgent field
(OPTIONAL) Enter the keyword
filter.
(OPTIONAL) Enter the keyword
(OPTIONAL) Enter the keyword
(OPTIONAL) Enter the keyword
monitoring interface specified in the flow-based monitoring session along with
the filter operation.
/x
format.
/x
).
/x
format.
count
to count packets processed by the
byte
to count bytes processed by the filter.
log
to enter ACL matches in the log.
monitor
to monitor traffic on the
port