Cisco Nexus 7000 Series Security Command Reference - Cisco Nexus 7000 Series Command Reference Manual
Hide thumbs
Also See for Nexus 7000 Series:
- Reference manual (746 pages) ,
- Configuration manual (536 pages) ,
- Hardware installation and reference manual (508 pages)
Table of Contents
Advertisement
deny (IPv6)
portgroup portgroup
established
flags
Cisco Nexus 7000 Series Security Command Reference
252
(Optional; TCP, UDP, and SCTP only) Specifies that
the rule matches only packets that are from a source
port or to a destination port that is a member of the
IP port-group object specified by the portgroup
argument. Whether the port-group object applies to
a source port or a destination port depends upon
whether you specify it after the source argument or
after the destination argument.
Use the object-group ip port command to create and
change IP port-group objects.
(TCP only; Optional) Specifies that the rule matches
only packets that belong to an established TCP
connection. The device considers TCP packets with
the ACK or RST bits set to belong to an established
connection.
(TCP only; Optional) Rule matches only packets that
have specific TCP control bit flags set. The value of
the flags argument must be one or more of the
following keywords:
• ack
• fin
• psh
• rst
• syn
• urg
D Commands
Advertisement
Table of Contents
