Deny (ip) – Allied Telesis AT-S94 CLI (AT-8000S Series) User Manual
Page 28

Page 27
Allied Telesis
AT-8000S-S94-3.0 Command Line Interface User’s Guide
mobile-registration-request, mobile-registration-reply, domain-name-request, domain-name-reply,
skip and photuris. (Range: 0-255)
•
icmp-code — Specifies an ICMP message code for filtering ICMP packets. ICMP packets that are filtered by
ICMP message type can also be filtered by the ICMP message code. (Range: 0-255)
•
igmp-type — IGMP packets can be filtered by IGMP message type. Enter a number or one of the following
values: dvmrp, host-query, host-report, pim or trace. (Range: 0-255)
•
destination-port — Specifies the UDP/TCP destination port. (Range: 0-65535)
•
source-port — Specifies the UDP/TCP source port. (Range: 0-65535)
•
list-of-flags — Specifies a list of TCP flags that can be triggered. If a flag is set, it is prefixed by “+”. If a flag is
not set, it is prefixed by “-”. Possible values: +urg, +ack, +psh, +rst, +syn, +fin, -urg, -ack, -psh, -rst, -syn
and -fin. The flags are concatenated into one string. For example: +fin-ack.
Default Configuration
No IPv4 ACL is defined.
Command Mode
Ip Access-list Configuration mode
User Guidelines
You enter IP-Access List configuration mode by using the ip access-list Global Configuration mode command.
Example
The following example defines a permit statement for an IP ACL.
deny (IP)
The deny IP Access List Configuration mode command sets conditions to not allow a packet to pass a named IP
Access List.
Syntax
deny [disable-port] {any| protocol} {any|{source source-wildcard}} {any|{destination destination-wildcard}} [dscp
number | ip-precedence number]
deny-icmp [disable-port] {any|{source source-wildcard}} {any|{destination destination-wildcard}} {any|icmp-
type} {any|{icmp-code} [dscp number | ip-precedence number]
deny-igmp [disable-port] {any|{source source-wildcard}} {any|{destination destination-wildcard}} {any|igmp-
type} [dscp number | ip-precedence number]
deny-tcp [disable-port] {any|{ source source-wildcard}} {any|source-port} {any|{ destination destination-
wildcard}} {any|destination-port} [dscp number | ip-precedence number] [flags list-of-flags]
deny-udp [disable-port] {any|{ source source-wildcard}} {any| source-port} {any|{destination destination-
wildcard}} {any|destination-port} [dscp number | ip-precedence number]
console(config)# ip access-list ip-acl1
console(config-ip-al)# permit rsvp 192.1.1.1 0.0.0.0 any dscp 56