Cisco AJ732A - MDS 9134 Fabric Switch Command Reference Manual page 303
Cisco mds 9000 family command reference guide - release 4.x (ol-18089-01, february 2009)
Hide thumbs
Also See for AJ732A - Cisco MDS 9134 Fabric Switch:
- Configuration manual (700 pages) ,
- Messages manual (518 pages) ,
- Installation manual (288 pages)
Table of Contents
Advertisement
Chapter 5
D Commands
S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m
deny (IPv6-ACL configuration)
To configure deny conditions for an IPv6 access control list (ACL), use the deny command in IPv6-ACL
configuration submode. To remove the conditions, use the no form of the command.
Syntax Description
ipv6-protocol-number
ipv6
source-ipv6-prefix/
prefix-length
any
host
source-ipv6-address
dest-ipv6-prefix/prefix-
length
host dest-ipv6-address
log-deny
icmp
icmp-type
icmp-code
tcp
source-port-operator
source-port-number
udp
OL-18089-01, Cisco NX-OS Release 4.x
deny {ipv6-protocol-number | ipv6} {source-ipv6-prefix/prefix-length | any | host
source-ipv6-address} {dest-ipv6-prefix/prefix-length | any | host dest-ipv6-address} [log-deny]
deny icmp {source-ipv6-prefix/prefix-length | any | host source-ipv6-address}
{dest-ipv6-prefix/prefix-length | any | host dest-ipv6-address} [icmp-type [icmp-code]]
[log-deny]
deny tcp {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [source-port-operator
source-port-number | range source-port-number source-port-number]
{dest-ipv6-prefix/prefix-length | any | host dest-ipv6-address} [dest-port-operator
dest-port-number | range dest-port-number dest-port-number] [established] [log-deny]
deny udp {source-ipv6-prefix/prefix-length | any | host source-ipv6-address}
[source-port-operator source-port-number | range source-port-number source-port-number]
{dest-ipv6-prefix/prefix-length | any | host dest-ipv6-address} [dest-port-operator
dest-port-number | range dest-port-number dest-port-number] [log-deny]
no deny {ipv6-protocol-number | ipv6 | icmp | tcp | udp}
Specifies an IPv6 protocol number. The range is 0 to 255.
Applies the ACL to any IPv6 packet.
Specifies a source IPv6 network or class of networks. The format is
X:X:X::X/n.
Applies the ACL to any source or destination prefix.
Applies the ACL to the specified source IPv6 host address. The format is
X:X:X::X.
Specifies a destination IPv6 network or class of networks. The format is
X:X:X::X/n.
Applies the ACL to the specified destination IPv6 host address. The format
is X:X:X::X.
(Optional) For packets that are dropped, creates an informational log
message about the packet that matches the entry. The message includes the
input interface.
Applies the ACL to any Internet Control Message Protocol (ICMP) packet.
Specifies an ICMP message type. The range is 0 to 255.
Specifies an ICMP message code. The range is 0 255.
Applies the ACL to any TCP packet.
Specifies an operand that compares the source ports of the specified protocol.
The operands are lt (less than), gt (greater than), and eq (equals).
Specifies the port number of a TCP or UDP port. The number can be from 0
to 65535. A range requires two port numbers.
Applies the ACL to any UDP packet.
deny (IPv6-ACL configuration)
Cisco MDS 9000 Family Command Reference
5-11
Advertisement
Table of Contents
