Default; Introduced On E-Series - Dell Force10 Terascale E Series Reference Manual

Ftos command line, ftos 8.4.2.7

Hide thumbs

100

page of 1640

/ 1640
Bookmarks

deny

c e s

Syntax

Parameters

Defaults

Command Modes

Command

History

212

Access Control Lists (ACL)

Configure a filter to drop packets with a certain IP address.

deny {source [mask] | any | host ip-address} [count [byte] | log] [dscp value] [order]

[monitor] [fragments]

To remove this filter, you have two choices:

Use the no seq sequence-number command syntax if you know the filter's sequence number

•

Use the no deny {source [mask] | any | host ip-address} command.

•

source

Enter the IP address in dotted decimal format of the network from which the

packet was sent.

mask

(OPTIONAL) Enter a network mask in /prefix format (/x) or A.B.C.D. The mask,

when specified in A.B.C.D format, may be either contiguous or non-contiguous

(discontiguous).

any

Enter the keyword

host ip-address

Enter the keyword

only.

count

(OPTIONAL) Enter the keyword

byte

(OPTIONAL) Enter the keyword

log

(OPTIONAL, E-Series only) Enter the keyword

log.

dscp

(OPTIONAL) Enter the keyword

order

(OPTIONAL) Enter the keyword

the ACL entry.

Range:

Default:

monitor

(OPTIONAL) Enter the keyword

that you want to monitor and the ACL in which you are creating the rule will be

applied to the monitored interface. For details, see the section "Flow-based

Monitoring" in the Port Monitoring chapter of the FTOS Configuration Guide.

fragments

Enter the keyword

Not configured.

CONFIGURATION-STANDARD-ACCESS-LIST

Version 8.3.1.0

Add DSCP value for ACL matching.

Version 8.2.1.0

Allows ACL control of fragmented packets for IP (Layer 3) ACLs.

Version 8.1.1.0

Introduced on E-Series ExaScale

Version 7.6.1.0

Added support for S-Series

Version 7.5.1.0

Added support for C-Series

Version 7.4.1.0

Added support for non-contiguous mask and added the

Version 6.5.1.0

Expanded to include the optional QoS

any

to specify that all routes are subject to the filter.

host

followed by the IP address to specify a host IP address

count

byte

to count bytes processed by the filter.

dcsp

to match to the IP DCSCP values.

order

0-254 (where 0 is the highest priority and 254 is the lowest; lower order

numbers have a higher priority)

If the order keyword is not used, the ACLs have the lowest order by

default(255).

monitor

fragments

to use ACLs to control packet fragments.

order

priority for the ACL entry.

to count packets processed by the filter.

log

to enter ACL matches in the

to specify the QoS order of priority for

when the rule is describing the traffic

monitor

option.

Need help?

Do you have a question about the Force10 TeraScale E Series and is the answer not in the manual?

This manual is also suitable for:

Force10 terascale c seriesForce10 terascale s seriesForce10 terascale s50Force10 terascale s25

Default; Introduced On E-Series - Dell Force10 Terascale E Series Reference Manual

Default:

Need help?

Related Manuals for Dell Force10 TeraScale E Series

Related Content for Dell Force10 TeraScale E Series

This manual is also suitable for: