Configuring a rule for an ipv6 advanced acl – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

657

Table 215 Configuration items

Item

Description

Select Access Control List
(ACL)

Select the IPv6 basic ACL for which you want to configure rules.
Available ACLs are IPv6 basic ACLs.

Rule ID

Select the Rule ID option and enter a number for the rule.
If you do not specify the rule number, the system assigns one automatically.

IMPORTANT:

If the rule number you specify already exists, this procedure modifies the

configuration of the existing rule.

Operation

Select the operation to be performed for IPv6 packets matching the rule:

•

Permit—Allows matched packets to pass.

•

Deny—Drops matched packets.

Check Fragment

Select this option to apply the rule to only non-first fragments.
If you do not select this option, the rule applies to all fragments and non-fragments.

NOTE:

Do not select this option for an AC, because an AC does not support fragmentation.

Check Logging

Select this option to keep a log of matched IPv6 packets.
A log entry contains the ACL rule number, operation for the matched packets,
protocol that IP carries, source/destination address, source/destination port

number, and number of matched packets.

NOTE:

Do not select this option for an AC, because an AC does not support logging.

Source IP Address

Select the Source IP Address option, and enter a source IPv6 address and prefix
length.
The IPv6 address must be in a format like X:X::X:X. An IPv6 address consists of eight

16-bit long fields, each of which is expressed with two hexadecimal numbers and
separated from its neighboring fields by colon (:).

Source Prefix

Time Range

Select the time range during which the rule takes effect.

Configuring a rule for an IPv6 advanced ACL

1.

Select QoS > ACL IPv6 from the navigation tree

2.

Click the Advanced Setup tab.