Справочное Руководство для 3com S7906E
1-27
For a basic IPv6 ACL to be referenced by a QoS policy for traffic classification, the logging and
fragment keywords are not supported.
Examples
# Create rules in IPv6 ACL 2000, to permit packets with source address being 2030:5060::9050/64 to
pass.
<Sysname> system-view
[Sysname] acl ipv6 number 2000
[Sysname-acl6-basic-2000] rule permit source 2030:5060::9050/64
rule (in advanced IPv6 ACL view)
Syntax
rule [ rule-id ] { deny | permit } protocol [ destination { dest dest-prefix | dest/dest-prefix | any } |
destination-port operator port1 [ port2 ] | dscp dscp | fragment | icmpv6-type { icmpv6-type
icmpv6-code | icmpv6-message } | logging | source { source source-prefix | source/source-prefix | any }
| source-port operator port1 [ port2 ] | time-range time-range-name ] *
undo rule rule-id [ destination | destination-port | dscp | fragment | icmpv6-type | logging | source
| source-port | time-range ] *
View
Advanced IPv6 ACL view
Default Level
2: System level
Parameters
rule-id: IPv6 ACL rule number in the range 0 to 65534.
deny: Defines a deny statement to drop matched packets.
permit: Defines a permit statement to allow matched packets to pass.
protocol: Protocol carried on IPv6. It can be a number in the range 0 to 255, or in words, gre (47),
icmpv6 (58), ipv6, ipv6-ah (51), ipv6-esp (50), ospf (89), tcp (6), udp (17).
Table 1-9 Match criteria and other rule information for advanced IPv6 ACL rules
Parameters
Function
Description
source { source source-prefix |
source/source-prefix | any }
source/source-prefix | any }
Specifies a source IPv6
address.
address.
The source and source-prefix
arguments specify an IPv6
source address and its prefix
length in the range 1 to 128.
arguments specify an IPv6
source address and its prefix
length in the range 1 to 128.
The any keyword indicates any
IPv6 source address.
IPv6 source address.