ipng/vppcfg
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add an ACE with a an example prefixlist

Browse Source
This commit is contained in:
Pim van Pelt
2023-01-16 14:36:05 +00:00
parent 5824af9666
commit 9a175e1bba
1 changed files with 14 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
docs/config-guide.md
View File

@@ -433,12 +433,25 @@ packets then either perform an action of `permit` or `deny` (for stateless) or `
* ***icmp-code***: Similar to `icmp-type` but for the ICMP code field. This field can only be * ***icmp-code***: Similar to `icmp-type` but for the ICMP code field. This field can only be
specified if the `protocol` field is `icmp` (or `1`). specified if the `protocol` field is `icmp` (or `1`).
An example ACL with three ACE terms: An example ACL with four ACE terms:
``` ```
prefixlists:
example:
description: "An example prefixlist with hosts and prefixes"
members:
- 192.0.2.1
- 192.0.2.0/24
- 2001:db8::1
- 2001:db8::/64
acls: acls:
acl01: acl01:
description: "Test ACL" description: "Test ACL"
terms: terms:
- description: "Allow a prefixlist, but only for IPv6"
family: ipv6
action: permit
source: example
- description: "Allow a specific IPv6 TCP flow" - description: "Allow a specific IPv6 TCP flow"
action: permit action: permit
source: 2001:db8::/64 source: 2001:db8::/64