Allied Telesis AT-8100 Series User Manual

Chapter 99: ACL Commands

1626

eq

Matches packets that are equal to the TCP port number specified
by the dest_ipaddress parameter.

dst_tcp_port

Specifies the destination TCP port number. The range is 0 to
65535. Omit this parameter if you are entering a range of port
numbers.

time-range

Specifies the name of a time range that is created with the TIME-
RANGE command. You must create a time range before entering it
as a parameter value. See “TIME-RANGE” on page 1646.

vid

Indicates a VLAN identifier. Specify a VLAN if you want the ACL to
filter tagged packets. Omit a VLAN if you want the ACL to filter
untagged packets. Specify a value between 1 and 4094. You can
enter only one VID.

Mode

Configuration IPv6 ACL mode

Description

Use this command to create IPv6 access control lists that filter ingress
packets based on TCP port numbers.

Examples

This example creates a TCP-based IPv6 ACL list, named “tcpdeny,” that
denies TCP packets on any source IPv6 address and any destination IPv6
address to VLAN 4. Then the ACL is assigned to port 8:

awplus> enable
awplus# configure terminal
awplus(config)# ipv6 access-list tcpdeny
awplus(config-ipv6-acl)# deny tcp any any eq vlan 4
awplus(config-ipv6-acl)# exit
awplus(config)# interface port1.0.8
awplus(config_if)# ipv6 traffic-filter tcpdeny