EasyManua.ls Logo

Cisco Nexus 7000 Series - Page 263

Cisco Nexus 7000 Series
1018 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
icmpSpecifies that the rule applies to ICMP traffic only. When you use this keyword, the icmp-message
argument is available, in addition to the keywords that are available for all valid values of the protocol
argument.
igmpSpecifies that the rule applies to IGMP traffic only. When you use this keyword, the igmp-type
argument is available, in addition to the keywords that are available for all valid values of the protocol
argument.
ipSpecifies that the rule applies to all IPv4 traffic.
nosSpecifies that the rule applies to KA9Q NOS-compatible IP-over-IP tunneling traffic only.
ospfSpecifies that the rule applies to Open Shortest Path First (OSPF) traffic only.
pcpSpecifies that the rule applies to payload compression protocol (PCP) traffic only.
pimSpecifies that the rule applies to protocol-independent multicast (PIM) traffic only.
tcpSpecifies that the rule applies to TCP traffic only. When you use this keyword, the flags and
operator arguments and the portgroup and established keywords are available, in addition to the
keywords that are available for all valid values of the protocol argument.
udpSpecifies that the rule applies to UDP traffic only. When you use this keyword, the operator
argument and the portgroup keyword are available, in addition to the keywords that are available for
all valid values of the protocol argument.
Source and Destination
You can specify the source and destination arguments in one of several ways. In each rule, the method that
you use to specify one of these arguments does not affect how you specify the other argument. When you
configure a rule, use the following methods to specify the source and destination arguments:
IP address group objectYou can use an IPv4 address group object to specify a source or destination
argument. Use the object-group ip address command to create and change IPv4 address group objects.
The syntax is as follows:
addrgroup
address-group-name
The following example shows how to use an IPv4 address object group named lab-gateway-svrs to specify
the destination argument:
switch(config-acl)# deny ip any addrgroup lab-gateway-svrs
Address and network wildcardYou can use an IPv4 address followed by a network wildcard to specify
a host or a network as a source or destination. The syntax is as follows:
IPv4-address network-wildcard
The following example shows how to specify the source argument with the IPv4 address and network wildcard
for the 192.168.67.0 subnet:
switch(config-acl)# deny tcp 192.168.67.0 0.0.0.255 any
Cisco Nexus 7000 Series Security Command Reference
237
D Commands
deny (IPv4)

Table of Contents

Other manuals for Cisco Nexus 7000 Series

Preview: Quick Start Guide
Quick Start Guide10 pages
Preview: Reference Guide
Reference Guide746 pages
Preview: Configuration Guide
Configuration Guide536 pages
Preview: Hardware Installation And Reference Guide
Hardware Installation And Reference Guide402 pages
Preview: Troubleshooting
Troubleshooting10 pages
Preview: Configuring
Configuring8 pages

Related product manuals