Manualshelf

Connectivity Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON
891892893894895896897898899900
Supported Releases 10.2.0E or later
deny
Congures a lter to drop packets with a specic IP address.
Syntax
deny [protocol-number | icmp | ip | tcp | udp] [A.B.C.D | A.B.C.D/x | any |
host ip-address] [A.B.C.D | A.B.C.D/x | any | host ip-address] [capture | count
| dscp value | fragment | log]
Parameters
protocol-number — (Optional) Enter the protocol number identied in the IP header, from 0 to 255.
icmp — (Optional) Enter the ICMP address to deny.
ip — (Optional) Enter the IP address to deny.
tcp — (Optional) Enter the TCP address to deny.
udp — (Optional) Enter the UDP address to deny.
A.B.C.D — Enter the IP address in dotted decimal format.
A.B.C.D/x — Enter the number of bits to match to the dotted decimal address.
any — (Optional) Enter the keyword any to specify any source or destination IP address.
host ip-address — (Optional) Enter the keyword and the IP address to use a host address only.
capture — (Optional) Capture packets the lter processes.
count — (Optional) Count packets the lter processes.
byte — (Optional) Count bytes the lter processes.
dscp value — (Optional) Deny a packet based on the DSCP values, from 0 to 63.
fragment — (Optional) Use ACLs to control packet fragments.
log — (Optional) Enables ACL logging. Information about packets that match an ACL rule are logged.
Default Not congured
Command Mode IPV4-ACL
Usage Information OS10 cannot count both packets and bytes; when you use the count byte options, only bytes increment. The
no version of this command removes the lter.
The count, byte, and log options are not supported on the S5148F-ON platform.
Example
OS10(config)# ip access-list testflow
OS10(conf-ipv4-acl)# deny udp any any
Supported Releases 10.2.0E or later
deny (IPv6)
Congures a lter to drop packets with a specic IPv6 address.
Syntax
deny [protocol-number | icmp | ipv6 | tcp | udp] [A::B | A::B/x | any | host
ipv6-address] [A::B | A::B/x | any | host ipv6-address] [capture | count | dscp
value | fragment | log]
Parameters
protocol-number — (Optional) Enter the protocol number identied in the IP header, from 0 to 255.
Access Control Lists 897