Netgear GSM7328Sv2 - ProSAFE 24+4 Gigabit Ethernet L3 Managed Stackable Switch 管理员指南
158
|
Chapter 10. ACLs
ProSafe 7000 Managed Switch Release 8.0.3
Note that the order of the rules is important: When a packet matches multiple rules, the first
rule takes precedence. Also, once you define an ACL for a given port, all traffic not
specifically permitted by the ACL is denied access.
rule takes precedence. Also, once you define an ACL for a given port, all traffic not
specifically permitted by the ACL is denied access.
GSM73xxS
2001:0DB8:c0ab:ac11::/64
2001:0DB8:c0ab:ac12::/64
2001:0DB8:c0ab:ac13::/64
2001:0DB8:c0ab:ac14::/64
IPv6 HTTP traffic
IPv6 Telnet traffic
IPv6 Any other traffic
Interface 1/0/1
Figure 19. IPv6 ACLs
The script in this section shows you how to set up an IPv6 ACL with the following three rules:
•
Rule-1. Permits every traffic to the destination network 2001:DB8:C0AB:AC14::/64.
•
Rule-2. Permits IPv6 TELNET traffic to the destination network
2001:DB8:C0AB:AC13::/64.
•
Rule-3. Permits IPv6 HTTP traffic to any destination.
CLI: Configure an IPv6 ACL
1.
Create the access control list with the name ipv6-acl.
(Netgear Switch) (Config)# ipv6 access-list ipv6-acl
2.
Define three rules to:
•
Permit any IPv6 traffic to the destination network 2001:DB8:C0AB:AC14::/64 from the
source network 2001:DB8:C0AB:AC11::/64.