Deny (ipv6 access-list configuration) – Dell POWEREDGE M1000E User Manual
Page 133
2-103
Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference
OL-13271-03
Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands
deny (IPv6 access-list configuration)
deny (IPv6 access-list configuration)
Use the deny command in IPv6 access list configuration mode on the switch stack or on a standalone
switch to set deny conditions for an IPv6 access list. Use the no form of this command to remove the
deny conditions.
deny {protocol} {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator
[port-number]] {destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address}
[operator [port-number]] [dscp value] [fragments] [log] [log-input] [routing] [sequence
value] [time-range name]
no deny {protocol} {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator
[port-number]] {destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address}
[operator [port-number]] [dscp value] [fragments] [log] [log-input] [routing] [sequence
value] [time-range name]
Internet Control Message Protocol
deny icmp {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator
[port-number]] {destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address}
[operator [port-number]] [icmp-type [icmp-code] | icmp-message] [dscp value] [log]
[log-input] [routing] [sequence value] [time-range name]
Transmission Control Protocol
deny tcp {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator
[port-number]] {destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address}
[operator [port-number]] [ack] [dscp value] [established] [fin] [log] [log-input] [neq {port |
protocol}] [psh] [range {port | protocol}] [rst] [routing] [sequence value] [syn] [time-range
name] [urg]
User Datagram Protocol
deny udp {source-ipv6-prefix/prefix-length | any | host source-ipv6-address} [operator
[port-number]] {destination-ipv6-prefix/prefix-length | any | host destination-ipv6-address}
[operator [port-number]] [dscp value] [log] [log-input] [neq {port | protocol}] [range {port |
protocol}] [routing] [sequence value] [time-range name]
Note
This command is supported only if you have configured a dual IPv4 and IPv6 Switch Database
Management (SDM) template on the switch.
Syntax Description
protocol
Name or number of an Internet protocol. It can be one of the keywords
ahp, esp, icmp, ipv6, pcp, sctp, tcp, or udp, or an integer in the range
from 0 to 255 representing an IPv6 protocol number.
source-ipv6-prefix/prefix-
length
The source IPv6 network or class of networks about which to set deny
conditions.
This argument must be in the form documented in RFC 2373 where the
address is specified in hexadecimal using 16-bit values between colons.
any
An abbreviation for the IPv6 prefix ::/0.