Reference Guide

ManualsBrandsDell ManualsNetworkingForce10 S25-01-GE-24P

691

692

693

694

695

696

697

698

699

700

IPv6 Access Control Lists (IPv6 ACLs) | 691

deny udp

c e s

Configure a filter to drop UDP packets meeting the filter criteria.

Syntax

deny udp {source address mask | any | host ipv6-address} [operator port [port]] {destination

address | any | host ipv6-address} [operator port [port]] [count [byte]] | [log] [monitor]

To remove this filter, you have two choices:

• Use the no seq sequence-number command syntax if you know the filter’s sequence number

• Use the no deny udp {source address mask | any | host ipv6-address} {destination

address | any | host ipv6-address} command.

Parameters

Defaults

Not configured.

Command Modes

ACCESS-LIST

source address

Enter the IPv6 address of the network or host from which the packets were sent

in the

x:x:x:x::x format followed by the prefix length in the /x format.

Range: /0 to /128

The

:: notation specifies successive hexadecimal fields of zero.

mask Enter a network mask in /prefix format (/x).

any Enter the keyword any to specify that all routes are subject to the filter.

host ipv6-address Enter the keyword host followed by the IPv6 address of the host in the

x:x:x:x::x format.

The

:: notation specifies successive hexadecimal fields of zero

operator

(OPTIONAL) Enter one of the following logical operand:

•

eq = equal to

•

neq = not equal to

•

gt = greater than

•

lt = less than

•

range = inclusive range of ports

port port

(OPTIONAL) Enter the application layer port number. Enter two port numbers

if using the

range logical operand.

Range: 0 to 65535

destination address

Enter the IPv6 address of the network or host to which the packets are sent in

the

x:x:x:x::x format followed by the prefix length in the /x format.

Range: /0 to /128

The

:: notation specifies successive hexadecimal fields of zero.

count (OPTIONAL) Enter the keyword count to count packets processed by the

filter.

byte (OPTIONAL) Enter the keyword byte to count bytes processed by the filter.

log (OPTIONAL) Enter the keyword log to enter ACL matches in the log.

Supported on Jumbo-enabled line cards only.

monitor (OPTIONAL) Enter the keyword monitor to monitor traffic on the

monitoring interface specified in the flow-based monitoring session along with

the filter operation.