Cisco 220 Series Smart Plus Reference Manual page 74

ACL Commands
deny (IPv6)
Cisco 220 Series Smart Plus Switches Command Line Interface Reference Guide Release 1.0.0.x
documented in RFC 3513 where the address is specified in hexadecimal
using 16-bit values between colons.
source-port/port-range
•
names are defined in the
to 65535)
destination-prefix/length
•
networks about which to set permit conditions. This argument must be in
the format documented in RFC 3513 where the address is specified in
hexadecimal using 16-bit values between colons.
destination-port/port-range
•
enter a range of ports by using a hyphen, such as 20 - 21. For TCP enter a
number or one of these values: bgp (179), chargen (19), daytime (13),
discard (9), domain (53), drip (3949), echo (7), finger (79), ftp (21), ftp-data
20), gopher (70), hostname (42), irc (194), klogin (543), kshell (544), lpd (515),
nntp (119), pop2 (109), pop3 (110), smtp (25), sunrpc (1110, syslog (514),
tacacs-ds (49), talk (517), telnet (23), time (37), uucp (117), whois (43), www
(80). For UDP enter a number or one of the following values: biff (512),
bootpc (68), bootps (67), discard (9), dnsix (90), domain (53), echo (7),
mobile-ip (434), nameserver (42), netbios-dgm (138), netbios-ns (137),
non500-isakmp (4500), ntp (123), rip (520), snmp (161), snmptrap (162),
sunrpc (111), syslog (514), tacacs (49), talk (517), tftp (69), time (37), who
(513), or xdmcp (177). (Range: 0 to 65535)
number
• dscp —(Optional) Specifies the DSCP value. (Range: 0 to 63)
number
• precedence
• disable-port—(Optional) Disables the Ethernet interface if the condition is
matched.
icmp-type
• —(Optional) The ICMP message type for filtering ICMP packets.
Enter a number or one of these values: destination-unreachable (1), packet-
too-big (2), time-exceeded (3), parameter-problem (4), echo-request (128),
echo-reply (129), mld-query (130), mld-report (131), mldv2-report (143),
mld-done (132), router-solicitation (133), router-advertisement (134), nd-ns
(135), or nd-na (135). (Range: 0 to 255)
icmp-code
• —(Optional) The ICMP message code for filtering ICMP packets.
(Range: 0 to 255)
list-of-flags
• match-all
occur. If a flag should be set, it is prefixed by "+". If a flag should be unset, it
is prefixed by "-". Available options are +urg, +ack, +psh, +rst, +syn, +fin, -
—The UDP or TCP source port. Predefined port
destination-port/port-range
—The destination IPv6 network or class of
—The UDP or TCP destination port. You can
—(Optional) Specifies the IP precedence value.
—(Optional) Specifies a list of TCP flags that should
4
parameter. (Range: 0
72