2
57
Parameters
•
protocol
—The name or the number of an IP protocol. Available protocol
names are: icmp (58), tcp (6) and udp (17). To match any protocol, use the
ipv6 keyword. (Range: 0–255)
•
source-prefix
/
which to set permit conditions. This argument must be in the form
documented in RFC 3513 where the address is specified in hexadecimal
using 16-bit values between colons.
•
destination-prefix/length
networks about which to set permit conditions. This argument must be in
the form documented in RFC 3513 where the address is specified in
hexadecimal using 16-bit values between colons.
•
priority
- Specify the priority of the access control entry (ACE) in the access
control list (ACL). "1" value represents the highest priority and "2147483647"
number represents the lowest priority.(Range: 1-2147483647)
•
dscp
number
—Specifies the DSCP value. (Range: 0–63)
•
number
precedence
•
icmp-type
—Specifies an ICMP message type for filtering ICMP packets.
Enter a number or one of the following values: destination-unreachable (1),
packet-too-big (2), time-exceeded (3), parameter-problem (4), echo-request
(128), echo-reply (129), mld-query (130), mld-report (131), mldv2-report
(143), mld-done (132), router-solicitation (133), router-advertisement (134),
nd-ns (135), nd-na (136). (Range: 0–255)
•
icmp-code
—Specifies an ICMP message code for filtering ICMP packets.
(Range: 0–255)
•
destination-port
range of ports by using a hyphen. E.g. 20 - 21. For TCP enter a number or
one of the following values: bgp (179), chargen (19), daytime (13), discard (9),
domain (53), drip (3949), echo (7), finger (79), ftp (21), ftp-data (20), gopher
(70), hostname (42), irc (194), klogin (543), kshell (544), lpd (515), nntp (119),
pop2 (109), pop3 (110), smtp (25), sunrpc (1110, syslog (514), tacacs-ds
(49), talk (517), telnet (23), time (37), uucp (117), whois (43), www (80). For
UDP enter a number or one of the following values: biff (512), bootpc (68),
bootps (67), discard (9), dnsix (90), domain (53), echo (7), mobile-ip (434),
nameserver (42), netbios-dgm (138), netbios-ns (137), non500-isakmp
(4500), ntp (123), rip (520), snmp (161), snmptrap (162), sunrpc (111), syslog
(514), tacacs (49), talk (517), tftp (69), time (37), who (513), xdmcp (177).
(Range: 0–65535)
length
—The source IPv6 network or class of networks about
—The destination IPv6 network or class of
—Specifies the IP precedence value.
—Specifies the UDP/TCP destination port. You can enter a
Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide
ACL Commands