Allied Telesis AlliedWare Plus Operating System Version 5.4.4C (x310-26FT,x310-26FP,x310-50FT,x310-50FP) User Manual

IPv6 Software Access Control List (ACL) Commands

Software Reference for x310 Series Switches

C613-50046-01 REV A

AlliedWare Plus

TM

Operating System - Version 5.4.4C

37.7

For backwards compatibility you can either create IPv6 extended access-lists from within
this command, or you can enter ipv6 access-list extended followed by only the
IPv6 extended access-list name. This latter (and preferred) method moves you to the
(config-ipv6-ext-acl)

prompt for the selected IPv6 extended access-list number,

and from here you can configure the filters for this selected access-list.

Example 1

[creating a list]

To add a new filter to the access-list named my-list that will reject incoming ICMP
packets from 2001:0db8::0/64 to 2001:0db8::f/64, use the commands:

Example 2

[adding to a list]

To insert a new filter at sequence number 5 of the access-list named my-list that will
accept ICMP type 8 packets from the 2001:0db8::0/64 network to the
2001:0db8::f/64

network, use the commands:

Example 3

[list with filter]

To create the access-list named TK to deny TCP protocols, use the commands:

Related Commands

ipv6 access-list extended proto
(ipv6 access-list extended IP protocol filter)
(ipv6 access-list extended TCP UDP filter)
show ipv6 access-list (IPv6 Software ACLs)
show running-config

Note

Software ACLs will deny access unless explicitly permitted by an ACL action.

awplus#

configure terminal

awplus(config)#

ipv6 access-list extended my-list

awplus(config-ipv6-ext-acl)#

icmp 2001:0db8::0/64 2001:0db8::f/64

awplus#

configure terminal

awplus(config)#

ipv6 access-list extended my-list

awplus(config-ipv6-ext-acl)#

5 icmp 2001:0db8::0/64
2001:0db8::f/64

awplus#

configure terminal

awplus(config)#

ipv6 access-list extended TK deny tcp any eq
14 any lt 12 log