Deny Icmp - Dell S4810 Reference Manual

Version 8.2.1.0
Version 8.1.1.0
Version 7.6.1.0
Version 7.5.1.0
Version 7.4.1.0
Version 6.5.1.0
Usage
The order option is relevant in the context of the Policy QoS feature only. For
Information
more information, refer to the Quality of Service chapter of the Dell Networking OS
Configuration Guide.
When you use the log option, the CP processor logs detail the packets that match.
Depending on how many packets match the log entry and at what rate, the CP
may become busy as it has to log these packets' details.
The monitor option is relevant in the context of flow-based monitoring only. For
more information, refer to the
The C-Series and S-Series cannot count both packets and bytes, when you enter
the count byte options, only bytes are incremented.
Related
deny tcp
Commands
deny udp
ip access-list extended

deny icmp

To drop all or specific internet control message protocol (ICMP) messages, configure a filter.
S4810
Syntax
deny icmp {source mask | any | host ip-address} {destination
mask | any | host ip-address} [dscp] [count [byte] | log]
[order] [monitor] [fragments]
To remove this filter, you have two choices:
•
Access Control Lists (ACL)
Allows ACL control of fragmented packets for IP (Layer 3)
ACLs.
Introduced on the E-Series ExaScale.
Introduced on the S-Series.
Introduced on the C-Series.
Added support for the noncontiguous mask and added the
monitor option.
Expanded to include the optional QoS order priority for the
ACL entry.
NOTE: When ACL logging and byte counters are configured simultaneously,
byte counters may display an incorrect value. Configure packet counters with
logging instead.
— assigns a filter to deny TCP packets.
— assigns a filter to deny UDP packets.
— creates an extended ACL.
Use the no seq sequence-number command if you know the filter's
sequence number.
Port Monitoring chapter.
223