Connectivity Guide
– neq — Not equal to
– range — Range of ports, including the specied port numbers.
Default Not congured
Command Mode IPV4-ACL
Usage Information OS10 cannot count both packets and bytes; when you use the count byte options, only bytes increment. The
no version of this command removes the lter.
The count, byte, and log options are not supported on the S5148F-ON platform.
Example
OS10(config)# ip access-list testflow
OS10(conf-ipv4-acl)# deny tcp any any capture session 1
Supported Releases 10.2.0E or later
deny tcp (IPv6)
Congures a lter that drops TCP IPv6 packets meeting the lter criteria.
Syntax
deny tcp [A::B | A::B/x | any | host ipv6-address [operator]] [A::B | A:B/x |
any | host ipv6-address [operator]] [ack | fin | psh | rst | syn | urg]
[capture | count | dscp value | fragment | log]
Parameters
• A::B — Enter the IPv6 address in hexadecimal format separated by colons.
• A::B/x — Enter the number of bits to match to the IPv6 address.
• any — (Optional) Enter the keyword any to specify any source or destination IP address.
• host ipv6-address — (Optional) Enter the IPv6 address to use a host address only.
• capture — (Optional) Capture packets the lter processes.
• count — (Optional) Count packets the lter processes.
• byte — (Optional) Count bytes the lter processes.
• dscp value — (Optional) Deny a packet based on the DSCP values, from 0 to 63.
• fragment — (Optional) Use ACLs to control packet fragments.
• log — (Optional) Enables ACL logging. Information about packets that match an ACL rule are logged.
• operator — (Optional) Enter a logical operator to match the packets on the specied port number. The
following options are available:
– eq — Equal to
– gt — Greater than
– lt — Lesser than
– neq — Not equal to
– range — Range of ports, including the specied port numbers.
Default Not congured
Command Mode IPV6-ACL
Usage Information OS10 cannot count both packets and bytes; when you use the count byte options, only bytes increment. The
no version of this command removes the lter.
The count, byte, and log options are not supported on the S5148F-ON platform.
902 Access Control Lists