Manualsbrain.com
  1. Manuels
  2. Marques
  3. 3com
  4. S7906E
  5. Guide De Référence

3com S7906E Guide De Référence

Télécharger
Page de 2327
 
1-26 
rule (in basic IPv6 ACL view) 
Syntax 
rule [ rule-id ] { deny | permit } [ fragment  | logging  | source  { ipv6-address  prefix-length | 
ipv6-address/prefix-length | any } | time-range time-range-name ] * 
undo rule rule-id [ fragment | logging | source | time-range ] * 
View 
Basic IPv6 ACL view  
Default Level 
2: System level 
Parameters 
rule-id: IPv6 ACL rule number in the range 0 to 65534.  
deny: Defines a deny statement to drop matched packets.  
permit: Defines a permit statement to allow matched packets to pass.  
fragment: Specifies that the rule applies to only IP fragments. 
logging: Specifies to log matched packets.  
source { ipv6-address prefix-length | ipv6-address/prefix-length  any  }: Specifies a source address. 
The ipv6-address and prefix-length arguments specify a source IPv6 address, and its address prefix 
length in the range 1 to 128. The any keyword indicates any IPv6 source address.   
time-range  time-range-name:  Specifies the time range in which the rule takes effect. The 
time-range-name argument specifies a time range name with 1 to 32 characters. It is case insensitive 
and must start with an English letter. To avoid confusion, this name cannot be all. 
Description 
Use the rule command to create an IPv6 ACL rule or modify the rule if it has existed.  
Use the undo rule command to remove an IPv6 ACL rule or parameters from the rule.  
With the undo rule command, if no parameters are specified, the entire ACL rule is removed; if other 
parameters are specified, only the involved information is removed. 
Note that: 
You will fail to create or modify a rule if its permit/deny statement is exactly the same as another 
rule. In addition, if the ACL match order is set to auto rather than config, you cannot modify ACL 
rules.  
When defining ACL rules, you need not assign them IDs. The system can automatically assign rule 
IDs starting with 0 and increasing in certain rule numbering steps. A rule ID thus assigned is greater 
than the current highest rule ID. For example, if the rule numbering step is five and the current 
highest rule ID is 28, the next rule will be numbered 30.  
You may use the display acl ipv6 command to verify rules configured in an ACL. If the match order 
for this IPv6 ACL is auto, rules are displayed in the depth-first match order rather than by rule 
number.