Specifications

2-48
Catalyst 2950 and Catalyst 2955 Switch Command Reference
78-15304-01
Chapter 2 Cisco IOS Commands
deny (access-list configuration)
Defaults There are no specific conditions that deny packets in the named or numbered IP ACL.
The default ACL is always terminated by an implicit deny statement for all packets.
Command Modes Access-list configuration
Command History
Usage Guidelines Use this command after the ip access-list global configuration command to specify deny conditions for
an IP ACL. You can specify a source IP address, destination IP address, IP protocol, TCP port, or UDP
port. Specify the TCP and UDP port numbers only if protocol is tcp or udp and operator is eq.
Note For more information about configuring IP ACLs, refer to the Configuring Network Security with
ACLs chapter in the Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide for this
release.
operator port (Optional) Define a source or destination port.
The operator can be only eq (equal).
If operator is after the source IP address and wildcard, conditions match
when the source port matches the defined port.
If operator is after the destination IP address and wildcard, conditions
match when the destination port matches the defined port.
The port is a decimal number or name of a Transmission Control Protocol
(TCP) or User Datagram Protocol (UDP) port. The number can be from
0 to 65535.
Use TCP port names only for TCP traffic.
Use UDP port names only for UDP traffic.
dscp dscp-value (Optional) Define a Differentiated Services Code Point (DSCP) value to
classify traffic.
For the dscp-value, enter any of the 13 supported DSCP values (0, 8, 10,
16, 18, 24, 26, 32, 34, 40, 46, 48, and 56), or use the question mark (?) to
see a list of available values.
time-range
time-range-name
(Optional) For the time-range keyword, enter a meaningful name to
identify the time range. For a more detailed explanation of this keyword,
refer to the software configuration guide.
Release Modification
12.1(6)EA2 This command was first introduced.