Cisco ASR 9000 Series Configuration Manual page 273

Configuring Subscriber Features
Command or Action
or
RP/0/RSP0/CPU0:router(config)# ipv6 access-lists
redirect_acl
Step 3 Do one of the following:
• [ sequence-number]{permit | deny} source
source-wildcard destination destination-wildcard
[precedence precedence] [dscp dscp] [fragments]
[packet-length operator packet-length value] [log |
log-input]
• [ sequence-number ] {permit | deny} protocol
{source-ipv6-prefix/prefix-length | any | host
source-ipv6-address} [operator {port | protocol-port}]
{destination-ipv6-prefix/prefix-length | any | host
destination-ipv6-address} [operator {port |
protocol-port}] [dscp value] [routing] [authen]
[destopts] [fragments] [packet-length operator
packet-length value] [log | log-input]
Example:
RP/0/RSP0/CPU0:router(config-ipv4-acl)# 10 permit
172.16.0.0 0.0.255.255
RP/0/RSP0/CPU0:router(config-ipv4-acl)# 20 deny
192.168.34.0 0.0.0.255
or
RP/0/RSP0/CPU0:router(config-ipv6-acl)# 20 permit
icmp any any
RP/0/RSP0/CPU0:router(config-ipv6-acl)# 30 deny tcp
any any gt 5000
Step 4 Repeat Step 3 as necessary, adding statements by sequence
number. Use the no sequence-number command to delete
an entry.
Step 5 {ipv4 | ipv6}access-list open_garden_acl
Example:
RP/0/RSP0/CPU0:router(config)# ipv4 access-lists
open_garden_acl
or
RP/0/RSP0/CPU0:router(config)# ipv6 access-lists
open_garden_acl
Step 6 Do one of the following:
• [ sequence-number]{permit | deny} source
source-wildcard destination destination-wildcard
OL-28375-03
Cisco ASR 9000 Series Aggregation Services Router Broadband Network Gateway Configuration Guide, Release
Identifying HTTP Destinations for Redirection
Purpose
Specifies one or more conditions allowed or denied in IPv4
or IPv6 access list redirect_acl.
• The optional log keyword causes an information
logging message about the packet that matches the entry
to be sent to the console.
• The optional log-input keyword provides the same
function as the log keyword, except that the logging
message also includes the input interface.
or
Specifies one or more conditions allowed or denied in IPv6
access list redirect_acl.
• Refer to the deny (IPv6) and permit (IPv6) commands
for more information on filtering IPv6 traffic based on
based on IPv6 option headers and optional, upper-layer
protocol type information.
Note Every IPv6 access list has an implicit deny ipv6 any
any statement as its last match condition. An IPv6
access list must contain at least one entry for the
implicit deny ipv6 any any statement to take effect.
Allows you to revise an access list.
Enters either IPv4 or IPv6 access list configuration mode and
configures the named access list for open garden.
Specifies one or more conditions allowed or denied in IPv4
access list open_garden_acl.
4.3.x
261