diff options
| author | Nicolas Fort <yocasquito@gmail.com> | 2021-07-23 11:17:55 -0300 |
|---|---|---|
| committer | Nicolas Fort <yocasquito@gmail.com> | 2021-07-23 11:17:55 -0300 |
| commit | dbddfe85adaa70552607b38706b39238b465ac4e (patch) | |
| tree | 055d0ec7f3018eb008e759c4c6f48a7a540d7ad3 /docs/configuration/policy/prefix-list.rst | |
| parent | 1fb2465d8cb7197a18daeb46270c3d42e64e3dbe (diff) | |
| download | vyos-documentation-dbddfe85adaa70552607b38706b39238b465ac4e.tar.gz vyos-documentation-dbddfe85adaa70552607b38706b39238b465ac4e.zip | |
Index file updated and splitted into new files. Indent and lenght on every file was verified
Diffstat (limited to 'docs/configuration/policy/prefix-list.rst')
| -rw-r--r-- | docs/configuration/policy/prefix-list.rst | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/docs/configuration/policy/prefix-list.rst b/docs/configuration/policy/prefix-list.rst new file mode 100644 index 00000000..ebc02ea2 --- /dev/null +++ b/docs/configuration/policy/prefix-list.rst @@ -0,0 +1,87 @@ +################## +Prefix List Policy +################## + +Prefix lists provides the most powerful prefix based filtering mechanism. In +addition to access-list functionality, ip prefix-list has prefix length range +specification. + +If no ip prefix list is specified, it acts as permit. If ip prefix list is +defined, and no match is found, default deny is applied. + +Prefix filtering can be done using prefix-list and prefix-list6. + +************* +Configuration +************* + +Prefix Lists +============ + +.. cfgcmd:: set policy prefix-list <text> + + This command creates the new prefix-list policy, identified by <text>. + +.. cfgcmd:: set policy prefix-list <text> description <text> + + Set description for the prefix-list policy. + +.. cfgcmd:: set policy prefix-list <text> rule <1-65535> action <permit|deny> + + This command creates a new rule in the prefix-list and defines an action. + +.. cfgcmd:: set policy prefix-list <text> rule <1-65535> description <text> + + Set description for rule in the prefix-list. + +.. cfgcmd:: set policy prefix-list <text> rule <1-65535> prefix <x.x.x.x/x> + + Prefix to match against. + +.. cfgcmd:: set policy prefix-list <text> rule <1-65535> ge <0-32> + + Netmask greater than length. + +.. cfgcmd:: set policy prefix-list <text> rule <1-65535> le <0-32> + + Netmask less than lenght + +IPv6 Prefix Lists +================= + +.. cfgcmd:: set policy prefix-list6 <text> + + This command creates the new IPv6 prefix-list policy, identified by <text>. + +.. cfgcmd:: set policy prefix-list6 <text> description <text> + + Set description for the IPv6 prefix-list policy. + +.. cfgcmd:: set policy prefix-list6 <text> rule <1-65535> action <permit|deny> + + This command creates a new rule in the IPv6 prefix-list and defines an + action. + +.. cfgcmd:: set policy prefix-list6 <text> rule <1-65535> description <text> + + Set description for rule in IPv6 prefix-list. + +.. cfgcmd:: set policy prefix-list6 <text> rule <1-65535> prefix + <h:h:h:h:h:h:h:h/x> + + IPv6 prefix. + +.. cfgcmd:: set policy prefix-list6 <text> rule <1-65535> ge <0-128> + + Netmask greater than length. + +.. cfgcmd:: set policy prefix-list6 <text> rule <1-65535> le <0-128> + + Netmask less than lenght + + +******** +Examples +******** + +Examples would be uploaded soon.
\ No newline at end of file |