Table of Contents
Advertisement
Quality of Service (QoS) Commands
78-20269-01 Command Line Interface Reference Guide
Address block
224.0.0.0/4 as
source
240.0.0.0/4 (except
when
255.255.255.255/3
2 is the destination
address)
Note that if the reserved addresses are included, individual reserved addresses
cannot be removed.
Example
The following example discards all packets with a source or destination address in
the block of the reserved IP addresses.
Console(config)#
security-suite deny martian-addresses reserved add
41.47 security-suite deny syn
Use the security-suite deny syn Interface Configuration (Ethernet, Port-channel)
mode command to block the creation of TCP connections from a specific
interface. This a complete block of these connections.
Use the no form of this command to permit creation of TCP connections.
Syntax
security-suite deny syn {
/prefix-length} ] |
[remove {tcp-port | any} {ip-address | any} {mask | /prefix-length}] }
no security-suite deny syn
Parameters
•
ip-address | any—Specifies the destination IP address. Use any to specify
all IP addresses.
•
mask— Specifies the network mask of the destination IP address.
•
prefix-length—Specifies the number of bits that comprise the destination IP
address prefix. The prefix length must be preceded by a forward slash (/).
Present use
This block, formerly known as the Class D
address space, is allocated for use in IPv4
multicast address assignments.
This block, formerly known as the Class E
address space, is reserved.
[add {tcp-port | any} {ip-address | any} {mask |
41
606
Advertisement
Table of Contents
