beautypg.com

Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 228

background image

210

Multi-Service IronWare Security Configuration Guide

53-1003035-02

Adding a comment to an IPv6 ACL entry

4

Once the default remark gets associated with a filter:

It gets the same sequence number as the filter.

You can provision another default remark which may be used by another filter.

To apply a comment to a specific ACL entry, specify the ACL’s entry number with the remark-entry
sequence command. Use the show ipv6 access-list command to list ACL entry number. Enter
commands such as the following.

Syntax: [no] remark-entry sequence sequence number comment-text

The sequence number is the line number assigned to the ACL entry. For a list of ACL entry numbers,
use the show ipv6 access-list command.

The comment-text can be up to 256 characters in length. The comment must be entered separately
from the actual ACL entry; that is, you cannot enter the ACL entry and the ACL comment with the
same command.

You can use the show running-config or show ipv6 access-list commands to display IPv6 ACLs and
comments.

The following shows the comment text for the ACL named “rtr” in a show running-config display.

Syntax: show running-config

NOTE

If "suppress-acl-seq" is ON; All unused "remark-entry" statements will be hidden while the
running-config is displayed or stored.
If "suppress-acl-seq" is ON; All used "remark-entry" statements will be displayed as "remark"
statements while the running-config is displayed or stored.

Brocade(config)# ipv6 access-list netw

Brocade(config-ipv6-access-list netw) remark-entry sequence 10 This entry permits

ipv6 packets from 3000::2 to any destination

Brocade(config-ipv6-access-list netw)# remark-entry sequence 20 This entry denies

UDP packets from any source to any destination

Brocade(config-ipv6-access-list netw)# remark-entry sequence 30 This entry denies

IPv6 packets from any source to any destination

Brocade# show running-config

ipv6 access-list rtr

remark This entry permits ipv6 packets from 3002::2 to any destination

permit ipv6 host 3000::2 any

remark This entry denies udp packets from any source to any destination

deny udp any any

remark This entry denies IPv6 packets from any source to any destination

deny ipv6 any any

See also other documents in the category Brocade Computer Accessories: