Cisco 220 Series Smart Plus Reference Manual page 71

ACL Commands
deny (IP)
Cisco 220 Series Smart Plus Switches Command Line Interface Reference Guide Release 1.0.0.x
value
[sequence ] deny
range destination destination-wildcard
} {any |
number
[dscp | precedence
value
no sequence
Parameters
value
• sequence
based ACL. The acceptable range is from 1 to 2147483547. If not specified,
the switch provides a number starting from 1 in ascending order.
protocol
• —The name or the number of an IP protocol. Available protocol
names are icmp, ip, tcp, egp, igp, udp, hmp, rdp, idpr, ipv6, ipv6:rout,
ipv6:frag, idrp, rsvp, gre, esp, ah, ipv6:icmp, eigrp, ospf, ipinip, pim, l2tp, and
isis. To match any protocol, use the ip keyword. (Range: 0 to 255)
source
• —Source IP address of the packet.
• source-wildcard
source-port/port range
•
are defined in the
65535)
destination
• —Destination IP address of the packet.
destination-wildcard
•
address.
• destination-port/port range
range of ports by using hyphen, such as 20 - 21. For TCP enter a number or
one of the following values: bgp (179), chargen (19), daytime (13), discard (9),
domain (53), drip (3949), echo (7), finger (79), ftp (21), ftp-data (20), gopher
(70), hostname (42), irc (194), klogin (543), kshell (544), lpd (515), nntp (119),
pop2 (109), pop3 (110), smtp (25), sunrpc (1110, syslog (514), tacacs-ds
(49), talk (517), telnet (23), time (35), uucp (117), whois (43), www (80). For
UDP enter a number or one of the following values: biff (512), bootpc (68),
bootps (67), discard (9), dnsix (90), domain (53), echo (7), mobile-ip (434),
nameserver (42), netbios-dgm (138), netbios-ns (135), non500-isakmp
(4500), ntp (123), rip (520), snmp 161), snmptrap (162), sunrpc (111), syslog
(514), tacacs-ds (49), talk (517), tftp (69), time (35), who (513), or xdmcp
(177). (Range: 0 to 65535)
number
• dscp —(Optional) Specifies the DSCP value.
number
• precedence
udp source source-wildcard
{any |
number
] [disable-port]
—(Optional) Specifies the sequence number of the IPv4-
—Wildcard bits to be applied to the source IP address.
—UDP or TCP source port. Predefined port names
destination-port/port-range
—Wildcard bits to be applied to the destination IP
—UDP or TCP destination port. You can enter a
—(Optional) Specifies the IP precedence value.
source-port
} {any |
destination-port
} {any |
parameter. (Range: 0 to
4
port-
/
port-range
/ }
69