ipv6 blacklist packet permit

Function

The ipv6 blacklist packet permit command enables the system to reply with TCP/UDP packets to the source end.

The undo ipv6 blacklist packet permit command disables the system from replying with TCP/UDP packets to the source end.

By default, the system cannot reply with TCP/UDP packets to the source end.

Format

ipv6 blacklist packet permit

undo ipv6 blacklist packet permit

Parameters

None

Views

System view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
ip-stack write

Usage Guidelines

Usage Scenario

After an ACL is configured for services (for example, the snmp-agent acl command is configured for SNMP or the telnet ipv6 server acl command is configured for Telnet), If TCP6 or UDP6 packets are denied by a configured ACL6, the ipv6 blacklist packet permit command and its undo format can be used to control the system whether to reply with packets to the source end.

  • Running the ipv6 blacklist packet permit command enables the system to reply with packets to the source end.
  • Running the undo ipv6 blacklist packet permit command disables the system from replying with packets to the source end.

Configuration Impact

After the ipv6 blacklist packet permit command is run, the system will reply with specific packets to the source end based on the type of the packets denied by the system.

  • If the denied packets are TCP6 packets, the system will reply with TCP-RST packets to the source end.
  • If the denied packets are UDP6 packets, the system will reply with PORT-UNREACHABLE packets to the source end.

Example

# Enable the system to reply with packets to the source end.
<HUAWEI> system-view
[~HUAWEI] ipv6 blacklist packet permit
# Disable the system from replying with packets to the source end.
<HUAWEI> system-view
[~HUAWEI] undo ipv6 blacklist packet permit
Parent Topic: IPv6 Basic Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >