20 deny udp – CANOGA PERKINS CanogaOS Command Reference User Manual

CanogaOS Command Line Reference

Revision 1.02

Proprietary & Confidential Canoga Pertkins Metro Ethernet Switches

Page 675 of 855

reference to command deny for other parameters

Command Mode

IP ACL configuration

Usage

The fragments will be invalid when the layer 4 information is specified (i.e. src-port).

Examples

This example shows how to create a filter in IP ACL to deny any TCP packets.
Switch(config-ip-acl)# 1 deny tcp any any
This example shows how to create a filter in IP ACL to deny the TCP packets with the source IP
address 1.1.1.1, source port 0-100.
Switch(config-ip-acl)# 2 deny tcp host 1.1.1.1 src-port range 0 100 any
This example shows how to create a filter in IP ACL to deny any TCP packets in established TCP
streams.
Switch(config-ip-acl)# 3 deny tcp any any establised
This example shows how to create a filer in IP ACL to deny the TCP ACK packets with the source IP
address 1.1.1.1.
Switch(config-ip-acl)# 4 deny tcp 10.10.10.0 0.0.0.0 any match-any ack

Related Commands

deny
deny udp
deny icmp
deny igmp

33.20 deny udp

Use this command to reject UDP packets matching the IP filter.

Command Syntax

[<1-2147483646>] deny udp { source source-mask | any | host source } [ src-port operator
port ]{destination destination-mask any | host destination} [ dst-port operator port ] [ ip-precedence
precedence | dscp dscp ] [ fragments ] [ routed-packet ] [ options ] [ time-range time-range-name ]
[ stats ]
src-port: source port <0-65535>
dst-port: destination port <0-65535>

operator

：including eq (equal to), lt (less than), gt (greater than), neq (not equal to), range

port: the port should be in the range <0-65535>
reference to command deny for other parameters

Command Mode