Advertisement
Parameters
Defaults
Command Modes
696
|
IPv6 Access Control Lists (IPv6 ACLs)
source address
mask
any
host ipv6-address
operator
port port
destination address
bit
count
byte
log
monitor
Not configured.
ACCESS-LIST
Enter the IPv6 address of the network or host from which the packets were sent
x:x:x:x::x
in the
format followed by the prefix length in the
Range: /0 to /128
::
The
notation specifies successive hexadecimal fields of zero.
Enter a network mask in /prefix format (
any
Enter the keyword
to specify that all routes are subject to the filter.
host
Enter the keyword
followed by the IPv6 address of the host in the
x:x:x:x::x
format.
::
The
notation specifies successive hexadecimal fields of zero
(OPTIONAL) Enter one of the following logical operand:
eq
•
= equal to
neq
•
= not equal to
gt
•
= greater than
lt
•
= less than
range
•
= inclusive range of ports (you must specify two port for the
parameter.)
Enter the application layer port number. Enter two port numbers if using the
range logical operand.
Range: 0 to 65535.
The following list includes some common TCP port numbers:
23 = Telnet
20 and 21 = FTP
25 = SMTP
169 = SNMP
Enter the IPv6 address of the network or host to which the packets are sent in
x:x:x:x::x
the
format followed by the prefix length in the
Range: /0 to /128
::
The
notation specifies successive hexadecimal fields of zero.
Enter a flag or combination of bits:
ack:
acknowledgement field
fin
: finish (no more data from the user)
psh:
push function
rst:
reset the connection
syn:
synchronize sequence numbers
urg:
urgent field
(OPTIONAL) Enter the keyword
filter.
(OPTIONAL) Enter the keyword
(OPTIONAL) Enter the keyword
(OPTIONAL) Enter the keyword
monitoring interface specified in the flow-based monitoring session along with
the filter operation.
/x
format.
/x
).
/x
format.
count
to count packets processed by the
byte
to count bytes processed by the filter.
log
to enter ACL matches in the log.
monitor
to monitor traffic on the
port
Advertisement
