Reference Guide
Access Control Lists (ACL) | 151
deny
s z
Configure a filter to drop packets meeting the criteria specified.
Syntax
deny ip-prefix [ge min-prefix-length] [le max-prefix-length]
To delete a drop filter, use the no deny ip-prefix command.
Parameters
Defaults
Not configured.
Command Modes
PREFIX-LIST
Command
History
Usage
Information
Sequence numbers for this filter are automatically assigned starting at sequence number 5.
If the options ge or le are not used, only packets with an exact match to the prefix are filtered.
Related
Commands
ip prefix-list
s z
Enter the PREFIX-LIST mode and configure a prefix list.
Syntax
ip prefix-list prefix-name
To delete a prefix list, use the no ip prefix-list prefix-name command.
Parameters
Command Modes
CONFIGURATION
Command
History
S6000
ip-prefix
Specify an IP prefix in the network/length format. For example, 35.0.0.0/
8 means match the first 8 bits of address 35.0.0.0.
ge min-prefix-length (OPTIONAL) Enter the keyword ge followed by the minimum prefix
length, which is a number from zero (0) to 32.
le max-prefix-length
(OPTIONAL) Enter the keyword le followed by the maximum prefix
length, which is a number from zero (0) to 32.
Version 9.0.2.0 Introduced on the S6000
Version 8.3.11.1 Introduced on the Z9000.
Version 7.6.1.0 Support added for S-Series
permit Configure a filter to pass packets.
seq Configure a drop or permit filter with a specified sequence number.
S6000
prefix-name
Enter a string up to 16 characters long as the name of the prefix list, up to 140 characters
long.
Version 9.0.2.0 Introduced on the S6000
Version 8.3.11.1 Introduced on the Z9000.
Version 7.8.1.0 Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names are up to
16 characters long.
Version 7.6.1.0 Support added for S-Series