Command
show mac access-lists
name
[
]
Configuring an IPv6 ACL
Beginning in Privileged EXEC mode, use the following commands to create
an IPv6 ACL, configure rules for the ACL, and bind the ACL to an interface.
Command
configure
ipv6 access-list
{permit | deny} {every |
{{icmp | igmp | ipv6 |
number
tcp | udp |
source ipv6
{any |
prefix/prefix length
portkey
portvalue
{
|
destination ipv6
{any |
prefix/prefix length
portkey
portvalue
{
|
value
[flow-label
dscp
]}} [log] [time-
time-range-name
range
queue-id
[assign-queue
[{mirror | redirect}
interface
]
562
Configuring Access Control Lists
Purpose
Display all MAC access lists and all of the rules that are
defined for the MAC ACL. Use the optional
parameter to identify a specific MAC ACL to display.
Purpose
Enter global configuration mode.
name
Create a named IPv6 ACL. This command also enters IPv6
Access List Configuration mode. If an IPv6 ACL with this
name already exists, this command enters the mode to
update the existing ACL.
Specify the match conditions for the IPv6 access list.
• deny | permit — Specifies whether the IP ACL rule
}
permits or denies an action.
• every — Allows all protocols.
} [eq
}]
number
•
keywords icmp, igmp, ipv6, tcp, udp.
} [eq
source ipv6 prefix
•
}]
format.
] [dscp
prefix-length
•
]
• eq — Equal. Refers to the Layer 4 port number being
]
used as a match criteria. The first reference is source
match criteria, the second is destination match criteria.
portkey
•
one of the following keywords: domain, echo, efts,
ftpdata, http, smtp, snmp, telnet, tftp, and www.
portvalue
•
the ACL rule is specified by the port value parameter.
(Range: 0–65535).
— Standard protocol number or protocol
— IPv6 prefix in IPv6 global address
— IPv6 prefix length value.
— Or you can specify the portkey, which can be
— The source layer 4 port match condition for
name