DELL 8132 ユーザーズマニュアル
512
IPv6 Access List Commands
deny
|
permit (IPv6 ACL)
This command creates a new rule for the current IPv6 access list. Each rule is
appended to the list of configured rules for the list.
A rule may either deny or permit traffic according to the specified
A rule may either deny or permit traffic according to the specified
classification fields. At a minimum, either the every keyword or the protocol,
source address, and destination address values must be specified. The source
and destination IPv6 address fields may be specified using the keyword any to
indicate a match on any value in that field. The remaining command
parameters are all optional, but the most frequently used parameters appear
in the same relative order as shown in the command format.
The assign-queue parameter allows specification of a particular hardware
The assign-queue parameter allows specification of a particular hardware
queue for handling traffic that matches this rule. The assign-queue parameter
is valid only for a permit rule.
The command is enhanced to accept the optional time-range parameter. The
The command is enhanced to accept the optional time-range parameter. The
time-range parameter allows imposing a time limitation on the IPv6 ACL rule
as defined by the parameter
time-range-name. If a time range with the
specified name does not exist, and the IPv6 ACL containing this ACL rule is
applied to an interface or bound to a VLAN, then the ACL rule is applied
immediately. If a time range with the specified name exists, and the IPv6
ACL containing this ACL rule is applied to an interface or bound to a VLAN,
then the ACL rule is applied when the time-range with a specified name
becomes active. The ACL rule is removed when the time-range with a
specified name becomes inactive.
Syntax
{deny | permit} {every | {{icmpv6 | ipv6 | tcp | udp |
protocolnumber}
{any |
sourceipv6prefix/prefixlength} [eq {portnumber | portkey}] {any |
destinationipv6prefix/prefixlength}] [eq {portnumber | portkey}] [flow-
label
flow-label-value] [dscp dscp-value]} [assign-queue queue-id] [log]
[{mirror | redirect}
interface-id] [time-range time-range-name]
Parameter Description
Parameter
Description
deny | permit
Specifies whether the IP ACL rule permits or denies an action.
2CSPC4.X8100-SWUM102.book Page 512 Friday, March 15, 2013 8:56 AM