Permit/deny options
You can use the following criteria as options for permitting or denying a packet:
-
source IPv6 address
-
destination IPv6 address
-
IPv6 protocol options:
-
all IPv6 traffic
-
IPv6 traffic of a specific protocol type (0-255)
-
IPv6 traffic for a specific TCP port or range of ports, including:
-
optional control of connection (established) traffic based on whether the initial request should be allowed
-
TCP flag (control bit) options
-
-
IPv6 traffic for a specific UDP port or range of ports
-
IPv6 traffic for a specific ICMP type and code
-
any of the above with specific DSCP precedence or ToS settings
-
Carefully plan ACL applications before configuring specific ACLs. For more information on this topic, see Configuring and assigning an ACL.