Brocade Communications Systems ServerIron ADX 12.4.00 Service Manual download pdf (Page 114)

102 ServerIron ADX NAT64 Configuration Guide

53-1002444-02

Configuring IPv6 ACLs

DRAFT: BROCADE CONFIDENTIAL

The deny statement denies ICMP neighbor discovery acknowledgement.

IPv6 ACL syntax

When creating IPv6 ACLs, you must use the syntax that is appropriate to the protocol you are

filtering. The following sections show the IPv6 ACL syntax for the ICMP, TCP, UDP, and other

supported protocols.

ICMP syntax

Syntax: [no] ipv6 access-list <acl-name>

Syntax: permit | deny icmp <ipv6-source-prefix/prefix-length> | any | host

<source-ipv6_address>

<ipv6-destination-prefix/prefix-length> | any | host <ipv6-destination-address>

[ipv6-operator [<value>]]

[ [<icmp-type>][<icmp-code>] ] | [<icmp-message>] [log]

TCP syntax

Syntax: [no] ipv6 access-list <acl-name>

Syntax: permit | deny tcp

<ipv6-source-prefix/prefix-length> | any | host <source-ipv6_address> [tcp-udp-operator

<source-port-number>]

<ipv6-destination-prefix/prefix-length> | any | host <ipv6-destination-address>

[tcp-udp-operator <destination-port-number>]

[ipv6-operator [<value>]] [log]

UDP syntax

Syntax: [no] ipv6 access-list <acl-name>

Syntax: permit | deny udp

<ipv6-source-prefix/prefix-length> | any | host <source-ipv6_address> [tcp-udp-operator

<source-port-number>]

<ipv6-destination-prefix/prefix-length> | any | host <ipv6-destination-address>

[tcp-udp-operator <destination-port-number>]

[ipv6-operator [<value>]] [log]

IPv6 and supported protocols other than ICMP, TCP, or UDP

Syntax: [no] ipv6 access-list <acl-name>

Syntax: permit | deny <protocol>

<ipv6-source-prefix/prefix-length> | any | host <source-ipv6_address>

<ipv6-destination-prefix/prefix-length> | any | host <ipv6-destination-address>

[ipv6-operator [<value>]] [log]

1 2 ... 109 110 111 112 113 114 115 116 117 118 119 ... 148 149

No comments

Brocade Communications Systems ServerIron ADX 12.4.00 Service Manual Page 114