beautypg.com

Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 161

background image

Syntax descriptions (Continued)

TABLE 13

IPv6 ACL
arguments

Description

ipv6-source-
prefix/prefix-
length

The ipv6-source-prefix/prefix-length parameter specify a source prefix and prefix length that a
packet must match for the specified action (deny or permit) to occur. You must specify the
ipv6-source-prefix parameter in hexadecimal using 16-bit values between colons as
documented in RFC 2373. You must specify the prefix-length parameter as a decimal value. A
slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter.

ipv6-destination-
prefix/prefix-
length

The ipv6-destination-prefix/prefix-length parameter specify a destination prefix and prefix
length that a packet must match for the specified action (deny or permit) to occur. You must
specify the ipv6-destination-prefix parameter in hexadecimal using 16-bit values between
colons as documented in RFC 2373. You must specify the prefix-length parameter as a
decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-
length parameter

any

When specified instead of the ipv6-source-prefix /prefix-length or ipv6-destination-prefix /prefix-
length parameters, matches any IPv6 prefix and is equivalent to the IPv6 prefix::/0.

host

Allows you specify a host IPv6 address. When you use this parameter, you do not need to
specify the prefix length. A prefix length of all128 is implied.

icmp-type

ICMP packets can be filtered by ICMP message type. The type is a number from 0 to 255.

icmp code

ICMP packets, which are filtered by ICMP message type can also be filtered by the ICMP
message code. The code is a number from 0 to 255,

icmp-message

ICMP packets are filtered by ICMP messages. Refer to

ICMP message configurations

on page

163 for a list of ICMP message types.

tcp

Indicates the you are filtering TCP packets.

udp

Indicates the you are filtering UDP packets.

ipv6-source-
prefix /prefix-
length

The ipv6-source-prefix /prefix-length parameter specify a source prefix and prefix length that a
packet must match for the specified action (deny or permit) to occur. You must specify the
ipv6-source-prefix parameter in hexadecimal using 16-bit values between colons as
documented in RFC 2373. You must specify the prefix-length parameter as a decimal value. A
slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-length parameter.

ipv6-destination-
prefix /prefix-
length

The ipv6-destination-prefix /prefix-length parameter specify a destination prefix and prefix
length that a packet must match for the specified action (deny or permit) to occur. You must
specify the ipv6-destination-prefix parameter in hexadecimal using 16-bit values between
colons as documented in RFC 2373. You must specify the prefix-length parameter as a
decimal value. A slash mark (/) must follow the ipv6-prefix parameter and precede the prefix-
length parameter

any

When specified instead of the ipv6-source-prefix /prefix-length or ipv6-destination-prefix /prefix-
length parameters, matches any IPv6 prefix and is equivalent to the IPv6 prefix::/0.

host

Allows you specify a host IPv6 address. When you use this parameter, you do not need to
specify the prefix length. A prefix length of all128 is implied.

IPv6 ACLs

FastIron Ethernet Switch Security Configuration Guide

161

53-1003088-03

See also other documents in the category Brocade Computer Accessories: