Manualshelf

Reference Guide

ManualsBrandsDell ManualsDesktopPOWERCONNECT 5524
701702703704705706707708709710
695
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Contax
CLI\files\ACL.fm
DELL CONFIDENTIAL – PRELIMINARY 2013 - FOR PROOF ONLY
deny ( IP )
Use the deny IP Access-list Configuration mode command to set deny
conditions for IPv4 access list.
Syntax
deny
protocol
{any | source
source-wildcard
} {any | destination
destination-
wildcard
} [dscp number | precedence
number
] [time-range
time-range-
name
] [disable-port | log-input]
deny icmp {any | source
source-wildcard
} {any | destination
destination-
wildcard
{any|icmp-type} {any|icmp-code} [dscp number | precedence
number
] [time-range
time-range-name
] [disable-port | log-input]
deny igmp {any | source source-wildcard} {any | destination destination-
wildcard}[igmp-type] [dscp number | precedence number] [time-range
time-range-name] [disable-port | log-input]
deny tcp {any | source
source-wildcard
} {any|
source-port/port-range
}{any |
destination
destination-wildcard
} {any|d
estination-port/port-range
} [dscp
number
| precedence
number
] [match-all
list-of-flags
] [time-range
time-
range-name
] [disable-port | log-input]
deny udp {any | source
source-wildcard
} {any|
source-port/port-range
} {any
| destination
destination-wildcard
} {any|
destination-port/port-range
} [dscp
number
| precedence
number
] [match-all
time-range-name
] [time-range
time-range-name
] [disable-port | log-input]
Parameters
protocol
—The name or the number of an IP protocol. Available protocol
names: icmp, igmp, ip, tcp, egp, igp, udp, hmp, rdp, idpr, ipv6, ipv6:rout,
ipv6:frag, idrp, rsvp, gre, esp, ah, ipv6:icmp, eigrp, ospf, ipinip, pim, l2tp,
isis. To match any protocol use the IP keyword. (Range: 0–255)
source
—Source IP address of the packet.
source-wildcard
—Wildcard bits to be applied to the source IP address.
Use 1s in the bit position that you want to be ignored.
destination
—Destination IP address of the packet.
destination-wildcard
—Wildcard bits to be applied to the destination IP
address. Use 1s in the bit position that you want to be ignored.