Справочное Руководство для 3com S7906E

 

1-27 

For a basic IPv6 ACL to be referenced by a QoS policy for traffic classification, the logging and 

fragment keywords are not supported. 

 

# Create rules in IPv6 ACL 2000, to permit packets with source address being 2030:5060::9050/64 to 

pass.  

<Sysname> system-view 

[Sysname] acl ipv6 number 2000 

[Sysname-acl6-basic-2000] rule permit source 2030:5060::9050/64 

rule [ rule-id ] { deny | permit } protocol  [  destination  { dest dest-prefix | dest/dest-prefix | any  } | 

destination-port operator port1  [ port2 ] | dscp  dscp | fragment | icmpv6-type { icmpv6-type 

icmpv6-code | icmpv6-message } | logging | source { source source-prefix | source/source-prefix | any } 

| source-port operator port1 [ port2 ] | time-range time-range-name ] * 

undo rule rule-id [ destination | destination-port | dscp | fragment | icmpv6-type | logging | source 

| source-port | time-range ] * 

Advanced IPv6 ACL view  

2: System level 

rule-id: IPv6 ACL rule number in the range 0 to 65534.  

deny: Defines a deny statement to drop matched packets.  

permit: Defines a permit statement to allow matched packets to pass.  

protocol: Protocol carried on IPv6. It can be a number in the range 0 to 255, or in words, gre  (47), 

icmpv6 (58), ipv6, ipv6-ah (51), ipv6-esp (50), ospf (89), tcp (6), udp (17).  

Table 1-9 Match criteria and other rule information for advanced IPv6 ACL rules  

source { source source-prefix | 
source/source-prefix | any } 

Specifies a source IPv6 
address.  

The source and source-prefix 
arguments specify an IPv6 
source address and its prefix 
length in the range 1 to 128.  

The any keyword indicates any 
IPv6 source address.