Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Access Control Command Reference-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
31323334353637383940
25
vpn-instance vpn-instance-name: Applies the rule to packets in a VPN instance. The vpn-instance-name
argument takes a case-sensitive string of 1 to 31 characters. If no VPN instance is specified, the rule
applies only to non-VPN packets.
Description
Use rule to create or edit an IPv6 basic ACL rule. You can edit ACL rules only when the match order is
config.
Use undo rule to delete an entire IPv6 basic ACL rule or some attributes in the rule. If no optional
keywords are provided, you delete the entire rule. If optional keywords or arguments are provided, you
delete the specific attributes.
By default, an IPv6 basic ACL does not contain any rule.
Within an ACL, the permit or deny statement of each rule must be unique. If the ACL rule you are creating
or editing has the same deny or permit statement as another rule in the ACL, your creation or editing
attempt will fail.
To view rules in an ACL and their rule IDs, use the display acl ipv6 all command.
Related commands: acl ipv6, display ipv6 acl, step, and time-range.
Examples
# Create an IPv6 basic ACL rule to deny the packets from any source IP segment but 1001::/16,
312 4 :1123::/32, or FE80:5060:1001::/48.
<Sysname> system-view
[Sysname] acl ipv6 number 2000
[Sysname-acl6-basic-2000] rule permit source 1001:: 16
[Sysname-acl6-basic-2000] rule permit source 3124:1123:: 32
[Sysname-acl6-basic-2000] rule permit source fe80:5060:1001:: 48
[Sysname-acl6-basic-2000] rule deny source any
rule comment
Syntax
rule rule-id comment text
undo rule rule-id comment
View
IPv4 basic/advanced ACL view, IPv6 basic/advanced ACL view, Ethernet frame header ACL view
Default level
2: System level
Parameters
rule-id: Specifies the ID of an existing ACL rule. The ID ranges from 0 to 65534.
text: Provides a description for the ACL rule, a case-sensitive string of 1 to 127 characters.
Description
Use rule comment to configure a description for an existing ACL rule or edit its description for easy
identification.
Use undo rule comment to delete the ACL rule description.