38-156
38.20 permit | deny(ipv6 extended)
Command:
[no] {deny | permit} icmp {{sPrefixlen>} | any-source | {host-source <sIPv6Addr>}}
{dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}} [<icmp-type> [<icmp-code>]]
[dscp <dscp>] [flow-label <fl>][time-range >]
[no] {deny | permit} tcp { /sPrefixlen> | any-source | {host-source }} [s-port
{ > | range <sPortMax> }] { > | any-destination | {host-destination
}} [d-port { <dPort> | range <dPortMin> > }] [syn | ack | urg | rst | fin | psh] [dscp
] [flow-label ][time-range ]
[no] {deny | permit} udp { > | any-source | {host-source }} [s-port
{ > | range }] { > | any-destination | {host-destination
}} [d-port { | range }] [dscp ] [flow-label
][time-range ]
[no] {deny | permit} {sPrefixlen> | any-source | {host-source }}
{dPrefixlen> | any-destination | {host-destination <dIPv6Addr>}} [dscp <dscp>] [flow-label
][time-range <time-range-name>]
[no] {deny | permit} {sPrefixlen> | any-source | {host-source >}}
{> | any-destination | {host-destination <dIPv6Addr>}} [dscp ] [flow-label ]
[time-range]
Function:
Create an extended nomenclature IPv6 access control rule for specific IPv6 protocol.
Parameter:
is the source IPv6 address; is the length of the IPv6 address prefix, the range is 1~128;
is the destination IPv6 address; <dPrefixlen> is the length of the IPv6 address prefix, the range is 1~
128; <igmp-type>, type of the IGMP; , icmp type; , icmp protocol number; , IPv6
priority ,the range is 0 ~ 63; , value of the flow label, the range is 0 ~ 1048575;
syn,ack,urg,rst,fin,psh,tcp label position; , source port number, the range is 0~65535;
, the
down boundary of source port; , the up boundary of source port; , destination port number, the
range is 0~ 65535; , the down boundary of destination port; , the up boundary of
destination port. , the IPv6 next-header. , time range name.
Command Mode:
IPv6 nomenclature extended access control list mode
Default:
No access control list configured.
