ACL Commands
permit (IPv6)
Cisco 220 Series Smart Plus Switches Command Line Interface Reference Guide Release 1.0.0.x
the form documented in RFC 3513 where the address is specified in
hexadecimal using 16-bit values between colons.
destination-port/port-range
•
enter a range of ports by using a hyphen, such as 20 - 21. For TCP enter a
number or one of these values: bgp (179), chargen (19), daytime (13),
discard (9), domain (53), drip (3949), echo (7), finger (79), ftp (21), ftp-data
(20), gopher (70), hostname (42), irc (194), klogin (543), kshell (544), lpd
(515), nntp (119), pop2 (109), pop3 (110), smtp (25), sunrpc (1110, syslog
(514), tacacs-ds (49), talk (517), telnet (23), time (35), uucp (117), whois (43),
www (80). For UDP enter a number or one of the following values: biff (512),
bootpc (68), bootps (67), discard (9), dnsix (90), domain (53), echo (7),
mobile-ip (434), nameserver (42), netbios-dgm (138), netbios-ns (135),
non500-isakmp (4500), ntp (123), rip (520), snmp (161), snmptrap (162),
sunrpc (111), syslog (514), tacacs (49), talk (517), tftp (69), time (35), who
(513), or xdmcp (177). (Range: 0 to 65535)
•
dscp
number
—(Optional) Specifies the DSCP value. (Range: 0 to 63)
number
•
precedence
icmp-type
•
—(Optional) The ICMP message type for filtering ICMP packets.
Enter a number or one of these values: destination-unreachable (1), packet-
too-big (2), time-exceeded (3), parameter-problem (4), echo-request (128),
echo-reply (129), mld-query (130), mld-report (131), mldv2-report (143),
mld-done (132), router-solicitation (133), router-advertisement (134), nd-ns
(135), or nd-na (135). (Range: 0 to 255)
icmp-code
•
—(Optional) The ICMP message code for filtering ICMP packets.
(Range: 0 to 255)
list-of-flag
•
match-all
occur. If a flag should be set, it is prefixed by "+". If a flag should be unset, it
is prefixed by "-". Available options are +urg, +ack, +psh, +rst, +syn, +fin, -
urg, -ack, -psh, -rst, -syn, and -fin. The flags are concatenated to one string,
such as +fin-ack.
Default Configuration
No IPv6-based ACE is defined.
Command Mode
Ipv6 Access-List Configuration mode
—The UDP or TCP destination port. You can
—(Optional) Specifies the IP precedence value.
—(Optional) Specifies a list of TCP flags that should
4
83