21 deny icmp – CANOGA PERKINS CanogaOS Command Reference User Manual
Page 676
CanogaOS Command Line Reference
Revision 1.02
Proprietary & Confidential Canoga Pertkins Metro Ethernet Switches
Page 676 of 855
IP ACL configuration
Usage
The fragments will be invalid when the layer 4 information is specified (i.e. src-port).
Examples
This example shows how to create a filter in IP ACL to deny any UDP packets.
Switch(config-ip-acl)# 1 deny udp any any
This example shows how to create a filter in IP ACL to deny the UDP packets with the source IP 1.1.1.1,
source port 10, and destination port less than 2000.
Switch(config-ip-acl)# 2 deny udp host 1.1.1.1 src-port eq 10 any dst-port lt 2000
Related Commands
deny
deny tcp
deny icmp
deny igmp
33.21 deny icmp
Use this command to reject ICMP packets matching the IP filter.
Command Syntax
[<1-2147483646>] deny icmp { source source-mask | any | host source } {destination
destination-mask any | host destination } [ icmp-type < 0-255 > [icmp-code < 0-255 >] ]
[ ip-precedence precedence | dscp dscp ] [ fragments ] [ routed-packet ] [ options ] [ time-range
time-range-name ] [ stats ]
icmp-type: <0-255> ICMP message type
icmp-code: <0-255> ICMP message code
Command Mode
IP ACL configuration
Usage
None
Examples
This example shows how to create a filter in IP ACL to deny any ICMP packets.
Switch(config-ip-acl)#1 deny icmp any any
This example shows how to create a filter in IP ACL to deny the ICMP packets with the icmp-type 3 and
icmp-code 3.
Switch(config-ip-acl)#2 deny icmp any any icmp-type 3 icmp-code 3
Related Commands