Deny (Ip) - Dell PowerConnect 3524 Cli Reference Manual

source-port — Specifies the UDP/TCP source port. (Range: 1 - 65535)
•
• source-port-wildcard —Specifies wildcard bits to be applied to the source port by placing 1s in bit
positions to be ignored.
• flags list-of-flags — Specifies the list of TCP flags. If a flag is set, it is prefixed by "+". If a flag is
not set, it is prefixed by "-". Available options are +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack,
-psh, -rst, -syn and -fin. The flags are concatenated to a one string. For example: +fin-ack.
Default Configuration
No IPv4 ACL is defined.
Command Mode
IP-Access List Configuration mode.
User Guidelines
• Use the ip access-list Global Configuration mode command to enable the IP-Access List
Configuration mode.
• Before an Access Control Element (ACE) is added to an ACL, all packets are permitted. After an ACE
is added, an implied deny-any-any condition exists at the end of the list and those packets that do not
match the conditions defined in the permit statement are denied.
Example
The following example shows how to define a permit statement for an IP ACL.
Console(config)# ip access-list ip-acl1
Console(config-ip-al)# permit rsvp 192.1.1.1 0.0.0.0 any dscp 56

deny (IP)

The deny IP-Access List Configuration mode command denies traffic if the conditions defined in the
deny statement match.
Syntax
• deny [disable-port] {any| protocol} {any|{source source-wildcard}} {any|{destination destination-
wildcard}} [dscp number | ip-precedence number]
• deny-icmp [disable-port] {any|{source source-wildcard}} {any|{destination destination-wildcard}}
{any|icmp-type} {any|icmp-code} [dscp number | ip-precedence number]
• deny-igmp [disable-port] {any|{source source-wildcard}} {any|{destination destination-wildcard}}
{any|igmp-type} [dscp number | ip-precedence number]
93
ACL Commands