Deny (Ipv4) - Cisco AP775A - Nexus Converged Network Switch 5010 Command Reference Manual

Cisco nexus 5000 series command reference, release 4.1(3)n1(1) (ol-16599-01, august 2009)

Hide thumbs Also See for AP775A - Nexus Converged Network Switch 5010:

Table of Contents

Security Commands

S e n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a c k @ c i s c o . c o m

deny (IPv4)

To create an IPv4 ACL rule that denies traffic matching its conditions, use the deny command. To

remove a rule, use the no form of this command.

General Syntax

Internet Control Message Protocol

Internet Group Management Protocol

Internet Protocol v4

Transmission Control Protocol

User Datagram Protocol

[sequence-number] deny protocol source destination {[dscp dscp] | [precedence precedence]}

[fragments] [log] [time-range time-range-name]

no deny protocol source destination {[dscp dscp] | [precedence precedence]} [fragments] [log]

[time-range time-range-name]

no sequence-number

[sequence-number] deny icmp source destination [icmp-message] {[dscp dscp] | [precedence

precedence]} [fragments] [log] [time-range time-range-name]

[sequence-number] deny igmp source destination [igmp-message] {[dscp dscp] | [precedence

precedence]} [fragments] [log] [time-range time-range-name]

[sequence-number] deny ip source destination {[dscp dscp] | [precedence precedence]}

[fragments] [log] [time-range time-range-name]

[sequence-number] deny tcp source [operator port [port] | portgroup portgroup] destination

[operator port [port] | portgroup portgroup] {[dscp dscp] | [precedence precedence]}

[fragments] [log] [time-range time-range-name] [flags] [established]

[sequence-number] deny udp source [operator port [port] | portgroup portgroup] destination

[operator port [port] | portgroup portgroup] {[dscp dscp] | [precedence precedence]}

[fragments] [log] [time-range time-range-name]

Cisco Nexus 5000 Series Command Reference