HP 6125XLG R2306-HP 6125XLG Blade Switch ACL and QoS Configuration Guide - Page 12
Configuring an IPv6 advanced ACL
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 12 highlights
Step Command Remarks 2. Create an IPv4 advanced ACL acl number acl-number [ name and enter its view. acl-name ] [ match-order { auto | config } ] 3. (Optional.) Configure a description for the IPv4 advanced ACL. 4. (Optional.) Set the rule numbering step. description text step step-value By default, no ACL exists. IPv4 advanced ACLs are numbered in the range of 3000 to 3999. You can use the acl name acl-name command to enter the view of a named ACL. By default, an IPv4 advanced ACL has no ACL description. The default setting is 5. 5. Create or edit a rule. rule [ rule-id ] { deny | permit } protocol [ { { ack ack-value | fin fin-value | psh psh-value | rst rst-value | syn syn-value | urg urg-value } * | established } | counting | destination { dest-address dest-wildcard | any } | destination-port operator port1 [ port2 ] | { dscp dscp | { precedence precedence | tos tos } * } | fragment | icmp-type { icmp-type [ icmp-code ] | icmp-message } | logging | source { source-address source-wildcard | any } | source-port operator port1 [ port2 ] | time-range time-range-name | vpn-instance vpn-instance-name ] * By default, an IPv4 advanced ACL does not contain any rule. The logging keyword takes effect only when the module (for example, packet filtering) that uses the ACL supports logging. If an IPv4 advanced ACL is for QoS traffic classification or packet filtering, do not specify the vpn-instance keyword or specify neq for the operator argument. 6. (Optional.) Add or edit a rule comment. rule rule-id comment text By default, no rule comments are configured. Configuring an IPv6 advanced ACL IPv6 advanced ACLs match packets based on the source IPv6 addresses, destination IPv6 addresses, packet priorities, protocols carried over IPv6, and other protocol header fields such as the TCP/UDP source port number, TCP/UDP destination port number, ICMPv6 message type, and ICMPv6 message code. Compared to IPv6 basic ACLs, IPv6 advanced ACLs allow more flexible and accurate filtering. To configure an IPv6 advanced ACL: Step 1. Enter system view. Command system-view Remarks N/A 6