Deny ( Ipv6 ) - Cisco 300 Series Cli Manual

4
123
If a range of ports is used for source port it is counted again if it is also used for
destination port.
If ace-priority is omitted, the system sets the rule's priority to the current highest
priority ACE (in the current ACL) + 20. The ACE-priority must be unique per ACL.If
the user types already existed priority, then the command is rejected.
Example
This example defines an ACL by the name of server and enters a rule (ACE) for tcp
packets.
switchxxxxxx(config)# ipv6 access-list server
switchxxxxxx(config-ipv6-al)# permit tcp 3001::2/64 any any 80
4.6

deny ( IPv6 )

Use the deny command in Ipv6 Access-list Configuration mode to set permit
conditions (ACEs) for IPv6 ACLs. Use the no form of the command to remove the
access control entry.
Syntax
protocol {any | {source-prefix/length}{any | destination- prefix/length}
deny
[ priority][dscp number | precedence number] [
ace-priority
time-range-name] [disable-port | l og-input ]
icmp {any | {source-prefix/length}{any | destination- prefix/length}
deny
{any| i cmp-type} {any| i cmp-code} [
number] [ time-range
deny tcp {any | {source-prefix/length} {any | source-port/port-range}}{any |
destination- prefix/length} {any| destination-port/port-range} [
priority][dscp number | precedence number] [match-all list-of-flags] [
time-range-name] [disable-port | l og-input ]
udp {any | {source-prefix/length}} {any | source-port/port-range}}{any |
deny
destination- prefix/length} {any| destination-port/port-range} [
priority][dscp number | precedence number] [
[disable-port | l og-input ]
protocol {any | {source-prefix/length}{any | destination- prefix/length}
no deny
[dscp number | precedence number] [
| l og-input ]
ace-priority
time-range-name] [disable-port | l og-input ]
time-range
OL-32830-01 Command Line Interface Reference Guide
time-range
priority][dscp number | precedence
ace-priority
ace-priority
time-range-name]
time-range
time-range-name] [disable-port
ACL Commands
time-range