ipv6 access-list

Configure a IPv6 Access List

access-list Specification

Parameter Value
Type Collection
Object Key(s) name
Collection Name access-list-list
Collection URI /axapi/v3/ipv6/access-list
Element Name access-list
Element URI /axapi/v3/ipv6/access-list/{name}
Element Attributes access-list_attributes
Partition Visibility shared
Schema access-list schema

Operations Allowed:

OperationMethodURIPayload

Create Object

POST

/axapi/v3/ipv6/access-list

access-list attributes

Create List

POST

/axapi/v3/ipv6/access-list

access-list attributes

Get Object

GET

/axapi/v3/ipv6/access-list/{name}

access-list attributes

Get List

GET

/axapi/v3/ipv6/access-list

access-list-list

Modify Object

POST

/axapi/v3/ipv6/access-list/{name}

access-list attributes

Replace Object

PUT

/axapi/v3/ipv6/access-list/{name}

access-list attributes

Replace List

PUT

/axapi/v3/ipv6/access-list

access-list-list

Delete Object

DELETE

/axapi/v3/ipv6/access-list/{name}

access-list attributes

access-list-list

access-list-list is JSON List of access-list attributes

access-list-list : [

access-list attributes

name

Description Named Access List

Type: string

Maximum Length: 16 characters

Maximum Length: 1 characters

rules

Type: List

user-tag

Description Customized tag

Type: string

Format: string-rlx

Maximum Length: 127 characters

Maximum Length: 1 characters

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

rules

Specification Value
Type list
Block object keys  

acl-log

Description Log matches against this entry

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

action

Description ‘deny’: Deny; ‘permit’: Permit; ‘l3-vlan-fwd-disable’: Disable L3 forwarding between VLANs;

Type: string

Supported Values: deny, permit, l3-vlan-fwd-disable

any-code

Description Any ICMP code

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: any-code, icmp-code, and special-code are mutually exclusive

any-type

Description Any ICMP type

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: any-type, icmp-type, and special-type are mutually exclusive

dscp

Description DSCP

Type: number

Range: 1-63

dst-any

Description Any destination host

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: dst-any,dst-host, dst-subnet, and dst-object-group are mutually exclusive

dst-eq

Description Match only packets on a given destination port (port number)

Type: number

Range: 1-65535

Mutual Exclusion: dst-eq,dst-gt, dst-lt, and dst-range are mutually exclusive

dst-gt

Description Match only packets with a greater port number

Type: number

Range: 1-65534

Mutual Exclusion: dst-gt,dst-eq, dst-lt, and dst-range are mutually exclusive

dst-host

Description A single destination host (Host address)

Type: string

Format: ipv6-address

Mutual Exclusion: dst-host,dst-any, dst-subnet, and dst-object-group are mutually exclusive

dst-lt

Description Match only packets with a lesser port number

Type: number

Range: 2-65535

Mutual Exclusion: dst-lt,dst-eq, dst-gt, and dst-range are mutually exclusive

dst-object-group

Description Destination network object group name

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: dst-object-group,dst-any, dst-host, and dst-subnet are mutually exclusive

dst-port-end

Description Edning Destination Port Number

Type: number

Range: 1-65535

dst-range

Description Match only packets in the range of port numbers (Starting Destination Port Number)

Type: number

Range: 1-65535

Mutual Exclusion: dst-range,dst-eq, dst-gt, and dst-lt are mutually exclusive

dst-subnet

Description Destination Address

Type: string

Format: ipv6-address-plen

Mutual Exclusion: dst-subnet,dst-any, dst-host, and dst-object-group are mutually exclusive

established

Description TCP established

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

ethernet

Description Ethernet interface (Port number)

Type: number

Format: interface

fragments

Description IP fragments

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

geo-location

Description Specify geo-location name

Type: string

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: geo-location,icmp, tcp, udp, ipv6, and service-obj-group are mutually exclusive

icmp

Description Internet Control Message Protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: icmp,tcp, udp, ipv6, service-obj-group, and geo-location are mutually exclusive

icmp-code

Description ICMP code number

Type: number

Range: 0-254

Mutual Exclusion: icmp-code, any-code, and special-code are mutually exclusive

icmp-type

Description ICMP type number

Type: number

Range: 0-254

Mutual Exclusion: icmp-type, any-type, and special-type are mutually exclusive

ipv6

Description Any Internet Protocol

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: ipv6,icmp, tcp, udp, service-obj-group, and geo-location are mutually exclusive

remark

Description Access list entry comment (Notes for this ACL)

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

seq-num

Description Sequence Number

Type: number

Range: 1-8192

service-obj-group

Description Service object group (Source object group name)

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: service-obj-group,icmp, tcp, udp, ipv6, and geo-location are mutually exclusive

special-code

Description ‘addr-unreachable’: Code 3, address unreachable; ‘admin-prohibited’: Code 1, admin prohibited; ‘no-route’: Code 0, no route to destination; ‘not-neighbour’: Code 2, not neighbor; ‘port-unreachable’: Code 4, destination port unreachable;

Type: string

Supported Values: addr-unreachable, admin-prohibited, no-route, not-neighbour, port-unreachable

Mutual Exclusion: special-code, any-code, and icmp-code are mutually exclusive

special-type

Description ‘echo-reply’: Type 129, echo reply; ‘echo-request’: help Type 128, echo request; ‘packet-too-big’: Type 2, packet too big; ‘param-prob’: Type 4, parameter problem; ‘time-exceeded’: Type 3, time exceeded; ‘dest-unreachable’: Type 1, destination unreachable;

Type: string

Supported Values: echo-reply, echo-request, packet-too-big, param-prob, time-exceeded, dest-unreachable

Mutual Exclusion: special-type, icmp-type, and any-type are mutually exclusive

src-any

Description Any source host

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: src-any,src-host, src-subnet, and src-object-group are mutually exclusive

src-eq

Description Match only packets on a given source port (port number)

Type: number

Range: 1-65535

Mutual Exclusion: src-eq,src-gt, src-lt, and src-range are mutually exclusive

src-gt

Description Match only packets with a greater port number

Type: number

Range: 1-65534

Mutual Exclusion: src-gt,src-eq, src-lt, and src-range are mutually exclusive

src-host

Description A single source host (Host address)

Type: string

Format: ipv6-address

Mutual Exclusion: src-host,src-any, src-subnet, and src-object-group are mutually exclusive

src-lt

Description Match only packets with a lower port number

Type: number

Range: 2-65535

Mutual Exclusion: src-lt,src-eq, src-gt, and src-range are mutually exclusive

src-object-group

Description Network object group (Source network object group name)

Type: string

Format: string-rlx

Maximum Length: 63 characters

Maximum Length: 1 characters

Mutual Exclusion: src-object-group,src-any, src-host, and src-subnet are mutually exclusive

src-port-end

Description Ending Port Number

Type: number

Range: 1-65535

src-range

Description match only packets in the range of port numbers (Starting Port Number)

Type: number

Range: 1-65535

Mutual Exclusion: src-range,src-eq, src-gt, and src-lt are mutually exclusive

src-subnet

Description Source Address

Type: string

Format: ipv6-address-plen

Mutual Exclusion: src-subnet,src-any, src-host, and src-object-group are mutually exclusive

tcp

Description protocol TCP

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: tcp,icmp, udp, ipv6, service-obj-group, and geo-location are mutually exclusive

trunk

Description Ethernet trunk (trunk number)

Type: number

Format: interface

udp

Description protocol UDP

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: udp,icmp, tcp, ipv6, service-obj-group, and geo-location are mutually exclusive

vlan

Description VLAN ID

Type: number

Range: 1-4094