Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

ServerIron ADX Security Guide

91

53-1002440-03

IACL overview

3

Syntax: permit | deny

| any | host
| any | host
[ipv6-operator []] [log]

For ICMP
Syntax: [no] ipv6 access-list

Syntax: permit | deny icmp | any | host

| any | host
[ipv6-operator []]
[ [][] ] | [] [log]

For TCP
Syntax: [no] ipv6 access-list

Syntax: permit | deny

| any | host [tcp-udp-operator
[source-port-number]]
| any | host
[tcp-udp-operator [destination-port- number]]
[ipv6-operator []] [log]

For UDP
Syntax: [no] ipv6 access-list

Syntax: permit | deny

| any | host [tcp-udp-operator
[source port number]]
| any | host
[tcp-udp-operator [destination port number]]
[ipv6-operator []] [log]

TABLE 6

Syntax Descriptions

Arguments...

Description...

ipv6 access-list

Enables the IPv6 configuration level and defines the name of the IPv6 ACL.
The can contain up to 199 characters and numbers, but
cannot begin with a number and cannot contain any spaces or quotation
marks.

permit

The ACL will permit (forward) packets that match a policy in the access list.

deny

The ACL will deny (drop) packets that match a policy in the access list.

icmp

Indicates the you are filtering ICMP packets.

protocol

The type of IPv6 packet you are filtering. You can specify a well-known name
for some protocols whose number is less than 255. For other protocols, you
must enter the number. Enter “?” instead of a protocol to list the well-known
names recognized by the CLI. IPv6 protocols include:
AHP – Authentication Header
ESP – Encapsulating Security Payload
IPv6 – Internet Protocol version 6
SCTP – Stream Control Transmission Protocol