Brocade Communications Systems RFS6000 User Manual
Page 454
452
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
53-1001931-01
Extended ACL config commands
14
Parameters
deny ip
[
st
host
{rule-precedence
<1-5000>}
Use with a deny command to reject IP packets
•
deny – Sets the action type on an ACL
•
ip – Specifies an IP (to match to a protocol)
•
in dotted decimal format. The
For example, 10.1.1.10/24 indicates the first 24 bits of the
source IP is used for matching.
•
any – any is an abbreviation for a source IP of 0.0.0.0 and
source-mask bits equal to 0
•
host – host is an abbreviation for the exact source
(A.B.C.D format) and source-mask bits equal to 32
•
host IP address or destination network address.
•
log – Generates log messages when the packet coming from
the interface matches an ACL entry. Log messages are
generated only for router ACLs.
•
rule-precedence <1-5000> – Defines an integer value
between 1-5000. This value sets the rule precedence in the
ACL.
deny icmp
[
st
[
{
{rule-precedence
<1-5000>}
Use with the deny command to reject ICMP packets
•
deny – Rejects ICMP packets
•
icmp – Specifies ICMP as the protocol
•
[
(in dotted decimal format). The
For example, 10.1.1.10/24 indicates the first 24 bits of the
source IP is used for matching.
•
any – any is an abbreviation for a source IP of 0.0.0.0 and
source-mask bits equal to 0
•
host – host is an abbreviation for exact source (A.B.C.D) and
source-mask bits equal to 32
•
[
host IP address or destination network address
•
ICMP code value
only for protocol type icmp.
•
log – Generates log messages when the packet coming from
the interface matches the ACL entry. Log messages are
generated only for router ACLs.
•
rule-precedence <1-5000> – Optional. Defines an integer
value between 1-5000. This value sets the rule precedence
in the ACL.