The rule description command configures a description for an ACL6 rule.
The undo rule description command deletes the description of an ACL6 rule.
By default, no description is configured for an ACL6 rule.
| Parameter | Description | Value |
|---|---|---|
| rule-id |
Specifies the ID of an ACL6 rule. |
The value is an integer ranging from 0 to 4294967294. |
| destext |
Specifies the description of an ACL6 rule. |
The value is a string of 1 to 127 case-sensitive characters, spaces supported. The value must not start with spaces and can be a combination of letters, numbers, and spaces. |
| destination |
Matches packets based on destination IPv6 addresses. If destination is not configured, packets to any destination IPv6 address are matched. |
- |
| destination-port |
Matches packets based on destination port numbers. This parameter is available only when protocol is set to tcp (6) or udp (17). If destination-port is not configured, TCP and UDP packets to any destination ports are matched. |
- |
| fragment |
Checks fragmented packets. |
- |
| icmp6-type |
Specifies the type of an ICMPv6 message. |
- |
| precedence |
Matches IPv6 packets based on the leftmost three bits of theTC field. |
- |
| source |
Matches packets based on source IPv6 addresses. If source is not configured, packets from any source IPv6 address are matched. |
- |
| source-port |
Matches packets based on source port numbers. If source-port is not configured, packets from any source ports are matched. |
- |
| time-range |
Specifies a time range during which an ACL6 rule takes effect. If the time-range is not configured for ACL, it indicates the ACL takes effect immediately. A time range is configured using the time-range command. |
- |
| tos |
Matches IPv6 packets based on the leftmost four to seven bits of the TC field. |
- |
| vpn-instance |
Specify a VPN instance. |
- |
| dscp |
Specifies the value of DSCP. |
- |
| source-pool |
Specifies a source IPv6 address pool for an advanced ACL. Run the acl ipv6-pool pool-name command to create an ACL IPv6 address pool. |
- |
| tcp-flag |
Specifies TCP flag. |
- |
| option-code |
Specifies the IPv6 protocol option code. |
- |
| routing-type |
Specifies the IPv6 protocol routing type. |
- |
| destination-pool |
Specifies the name of a destination IPv6 address pool used by an advanced ACL. An ACL IPv6 address pool is created using the acl ipv6-pool pool-name command. |
- |
Usage Scenario
Run the rule description command to configure a description for an ACL6 in any of the following situations:
Prerequisites
An ACL6 rule has been created using the rule command.
Precautions
If the description of an ACL6 rule is not configured, the ACL6 rule may be misunderstood or misused.
<HUAWEI> system-view [~HUAWEI] acl ipv6 3100 [*HUAWEI-acl6-advance-3100] rule 23 deny tcp source 2001:db8::1 64 [*HUAWEI-acl6-advance-3100] rule 23 description This rule is used to filter packets according to the source IPv6 address.