ACL Commands
deny (IP)
SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide
IP Protocol
ISIS over IPv4
(any IP protocol)
•
in-port port-num — (Optional) Specifies the input port of the device. In case
of egress classification this port will be the device input port.
•
out-port port-num — (Optional) Specifies the output port of the device.
•
dscp
number
— Indicates matching the dscp
value.
•
ip-precedence
with the packet ip-precedence value.
Default Configuration
This command has no default configuration
Command Mode
IP-Access List Configuration mode
User Guidelines
Use the ip access-list Global Configuration mode command to enable the IP-
Access List Configuration mode.
Before an Access Control Element (ACE) is added to an ACL, all packets are
permitted. After an ACE is added, an implied deny-any-any condition exists at the
end of the list and those packets that do not match the defined conditions are
denied.
Example
The following example shows how to define a permit statement for an IP ACL.
Console(config)# ip access-list ip-acl1
Console(config-ip-al)# deny rsvp 192.1.1.1 0.0.0.255 any
Abbreviated
Name
isis
any
number
— Indicates matching the ip-precedence
Protocol
Number
124
(25504)
number
with the packet dscp
number
3
55