3Com Switch 8800 Advanced Software V5 Configuration Guide
818 CHAPTER 58: IPV6 ACL CONFIGURATION
[Sysname-acl6-adv-3000] display acl ipv6 3000
Advanced IPv6 ACL 3000, 1 rule,
Acl’s step is 5
rule 0 permit tcp source 2030:5060::9050/64 (5 times matched)
Displaying and
Maintaining IPv6 ACLs
IPv6 ACL
Configuration
Examples
IPv6 Configuration
Examples
Network Requirements
Perform packet filtering in the inbound direction of interface Ethernet 1/3/1 to
deny all IPv6 packets but those with source addresses in the range 4050::9000 to
4050::90FF.
Configuration Procedure
# Create an IPv6 ACL 2000 as follows: # Enter system view.
<Sysname> system-view
# Create an ACL rule, permitting the packets with the source IP addresses
in the range 4050::9000 to 4050::90FF.
[Sysname] acl ipv6 number 2000
[Sysname-acl6-basic-2000] rule permit source 4050::9000/120
# Create an ACL rule, denying the packets with any source IP addresses.
[Sysname] acl ipv6 number 2001
[Sysname-acl6-basic-2001] rule deny source any
Configure IPv6 packet filtering at the inbound direction of Ethernet 3/1/1
# Configure a traffic classification rule and a traffic behavior, permitting the
packets with the source IP addresses in the range 4050::9000 to 4050::90FF.
[Sysname] traffic classifier c_permit
[Sysname-classifier-c_permit] if-match acl ipv6 2000
[Sysname-classifier-c_permit] quit
[Sysname] traffic behavior b_permit
[Sysname-behavior-b_permit] filter permit
[Sysname-behavior-b_permit] quit
# Configure a traffic classification rule and a traffic behavior, denying the packets
with any source IP addresses.
To do... Use the command... Remarks
Display information about a
specified or all IPv6 ACLs
display acl ipv6 {
acl6-number | all | name
acl6-name }
Available in any view
Display the configuration and
status about the specified or
all time ranges
display time-range {
time-name | all }
Available in any view
Clear the statistics about a
specified or all IPv6 ACLs
reset acl ipv6 counter {
acl6-number | all }
Available in user view