Cisco Cisco Packet Data Gateway (PDG)
IPv6 ACL Configuration Mode Commands
▀ deny/permit (by TCP/UDP packets)
▄ Command Line Interface Reference, StarOS Release 17
6618
deny/permit (by TCP/UDP packets)
Used to filter subscriber sessions based on the transmission control protocol/user datagram protocol packets sent by the
source to the mobile node or the network.
source to the mobile node or the network.
Product
All
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > IPv6 ACL Configuration
configure > context context_name > ipv6 access-list ipv6_acl_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-ipv6-acl)#
Syntax
{ deny | permit } [ log ] { tcp | udp } { { source_address source_wildcard | any | host
source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
after { deny | permit } [ log ] { tcp | udp } { { source_address source_wildcard | any |
host source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
host source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
before { deny | permit } [ log ] { tcp | udp } { { source_address source_wildcard | any |
host source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
host source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
no { deny | permit } [ log ] { tcp | udp } { { source_address source_wildcard | any |
host source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
host source_host_address } [ eq source_port | gt source_port | lt source_port | neq
source_port ] } { { dest_address dest_wildcard | any | host dest_host_address } [ eq
dest_port | gt dest_port | lt dest_port | neq dst_port ] }
after
Indicates all rules defined subsequent to this command are to be inserted after the command identified by the
exact options listed.
This moves the insertion point to be immediately after the rule which matches the exact options specified
such that new rules will be added, in order, after the matching rule.
exact options listed.
This moves the insertion point to be immediately after the rule which matches the exact options specified
such that new rules will be added, in order, after the matching rule.
Important:
If the options specified do not exactly match an existing rule, the insertion point does not change.