deny (role-based access control list)
To configure a deny action in the security group access control list (SGACL), use the deny command. To
remove the action, use the no form of this command.
deny {all | icmp | igmp | ip | {{tcp | udp} [{src | dst} {{eq | gt | lt | neq} port-number | range port-number1 port-number2}]}} [log]
no deny {all | icmp | igmp | ip | {{tcp | udp} [{src | dst} {{eq | gt | lt | neq} port-number | range port-number1 port-number2}]}} [log]
Syntax Description
all             Specifies all traffic.
icmp            Specifies Internet Control Message Protocol (ICMP) traffic.
igmp            Specifies Internet Group Management Protocol (IGMP) traffic.
ip              Specifies IP traffic.
tcp             Specifies TCP traffic.
udp             Specifies User Datagram Protocol (UDP) traffic.
src             Specifies the source port number.
dst             Specifies the destination port number.
eq              Specifies equal to the port number.
gt              Specifies greater than the port number.
lt              Specifies less than the port number.
neq             Specifies not equal to the port number.
port-number     Port number for TCP or UDP. The range is from 0 to 65535.
range           Specifies a port range for TCP or UDP.
port-number1    First port in the range. The range is from 0 to 65535.
port-number2    Last port in the range. The range is from 0 to 65535.
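The following offline linter is an added example, not Cisco code: it checks SGACL deny entries in a change request against the keywords and the 0 to 65535 port range listed above before they reach a device. The names parse_deny, lint and SAMPLE are hypothetical, the sample entries are constructed, and the grammar is assumed to be: ports only after tcp or udp, with an optional trailing log.

```python
NO_PORT = {"all", "icmp", "igmp", "ip"}   # protocols without a port match
WITH_PORT = {"tcp", "udp"}                # protocols that may carry src/dst ports
OPERATORS = {"eq", "gt", "lt", "neq"}

def _port(tok):
    """Return tok as an int, enforcing the documented 0-65535 range."""
    if not (tok.isascii() and tok.isdigit()) or int(tok) > 65535:
        raise ValueError(f"port must be 0-65535, got {tok!r}")
    return int(tok)

def parse_deny(line):
    """Parse one deny entry into a dict; raise ValueError on a syntax violation."""
    toks = line.split()
    if len(toks) < 2 or toks[0] != "deny":
        raise ValueError("expected: deny <protocol> ...")
    proto, rest = toks[1], toks[2:]
    entry = {"protocol": proto, "log": False}
    if rest and rest[-1] == "log":        # optional trailing keyword
        entry["log"], rest = True, rest[:-1]
    if proto in NO_PORT:
        if rest:
            raise ValueError(f"{proto} takes no port match, got {rest}")
        return entry
    if proto not in WITH_PORT:
        raise ValueError(f"unknown protocol {proto!r}")
    if not rest:
        return entry                      # tcp/udp on any port
    if rest[0] not in ("src", "dst"):
        raise ValueError("port match must start with src or dst")
    entry["side"] = rest[0]
    if len(rest) == 3 and rest[1] in OPERATORS:
        entry["match"] = (rest[1], _port(rest[2]))
    elif len(rest) == 4 and rest[1] == "range":
        lo, hi = _port(rest[2]), _port(rest[3])
        if lo > hi:                       # lint choice, not a documented device rule
            raise ValueError(f"range start {lo} is above range end {hi}")
        entry["match"] = ("range", lo, hi)
    else:
        raise ValueError(f"malformed port match: {' '.join(rest)}")
    return entry

def lint(lines):
    """Return (line_number, error) for every entry that fails to parse."""
    errors = []
    for n, line in enumerate(lines, 1):
        try:
            parse_deny(line)
        except ValueError as exc:
            errors.append((n, str(exc)))
    return errors

# Constructed sample entries: the second and fourth are intentionally invalid.
SAMPLE = ["deny icmp", "deny tcp dst eq 70000",
          "deny udp src range 1024 65535 log", "deny ip dst eq 80"]
```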
Cisco Nexus 7000 Series Security Command Reference