Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual
Page 66
54
Brocade Virtual ADX Security Guide
53-1003250-01
IPv6 ACL overview
3
protocol
The type of IPv6 packet you are filtering. You can specify a well-known name
for some protocols whose number is less than 255. For other protocols, you
must enter the number. Enter “?” instead of a protocol to list the well-known
names recognized by the CLI. IPv6 protocols include:
AHP – Authentication Header
ESP – Encapsulating Security Payload
IPv6 – Internet Protocol version 6
SCTP – Stream Control Transmission Protocol
ipv6-source-prefix/ prefix-length
The ipv6-source-prefix/prefix-length variable specify a source prefix and
prefix length that a packet must match for the specified action (deny or
permit) to occur. You must specify the ipv6-source-prefix variable in
hexadecimal using 16-bit values between colons as documented in RFC
2373. You must specify the prefix-length variable as a decimal value. A
slash mark (/) must follow the ipv6-prefix variable and precede the
prefix-length variable.
ipv6-destination-prefix/
prefix-length
The ipv6-destination-prefix/prefix-length variable specify a destination
prefix and prefix length that a packet must match for the specified action
(deny or permit) to occur. You must specify the ipv6-destination-prefix
variable in hexadecimal using 16-bit values between colons as documented
in RFC 2373. You must specify the prefix-length variable as a decimal value.
A slash mark (/) must follow the ipv6-prefix variable and precede the
prefix-length variable
any
When specified instead of the ipv6-source-prefix/prefix-length or
ipv6-destination-prefix/prefix-length variables, matches any IPv6 prefix and
is equivalent to the IPv6 prefix::/0.
host
Allows you specify a host IPv6 address. When you use this parameter, you
do not need to specify the prefix length. A prefix length of all128 is implied.
icmp-message
ICMP packets are filtered by ICMP messages. See the "Configuring IPv6
ICMP Features" section of the "Configuring IPv6 Connectivity" chapter of the
Brocade Virtual ADX Switching and Routing Guide.
tcp
Indicates the you are filtering TCP packets.
udp
Indicates the you are filtering UDP packets.
ipv6-source-prefix/
prefix-length
The ipv6-source-prefix/prefix-length variable specify a source prefix and
prefix length that a packet must match for the specified action (deny or
permit) to occur. You must specify the ipv6-source-prefix variable in
hexadecimal using 16-bit values between colons as documented in RFC
2373. You must specify the prefix-length variable as a decimal value. A
slash mark (/) must follow the ipv6-prefix variable and precede the
prefix-length variable.
ipv6-destination-prefix/
prefix-length
The ipv6-destination-prefix/prefix-length variable specify a destination
prefix and prefix length that a packet must match for the specified action
(deny or permit) to occur. You must specify the ipv6-destination-prefix
variable in hexadecimal using 16-bit values between colons as documented
in RFC 2373. You must specify the prefix-length variable as a decimal value.
A slash mark (/) must follow the ipv6-prefix variable and precede the
prefix-length variable
any
When specified instead of the ipv6-source-prefix/prefix-length or
ipv6-destination-prefix/prefix-length variables, matches any IPv6 prefix and
is equivalent to the IPv6 prefix::/0.
TABLE 3
Syntax descriptions (Continued)
Arguments...
Description...