Release : 1.1f 920 / 985
Super Micro Intelligent Switch Command Line Interface User Guide
33.10 deny tcp
This command specifies the TCP packets to be rejected based on the associated parameters.
deny tcp {any | host <src-ip-address> | <src-ip-address> <src-mask>
}[{gt <port-number (1-65535)> | lt <port-number (1-65535)> |eq <port-
number (1- 65535)> | range <port-number (1-65535)> <port-number (1-
65535)>}]{ any | host <dest-ip-address> | <dest-ip-address> <dest-mask>
}[{gt <port-number (1-65535)> | lt <port-number (1-65535)> | eq <port-
number (1-65535)> |range <port-number (1-65535)> <port-number (1-
65535)>}][{ ack | rst }][{tos{maxreliability| max-throughput|min-
delay|normal|<tos-value(0-7)>} | dscp <value (0-63)>}] [ priority
<short (1-255)>]
Syntax Description
Tcp - Transmission control protocol
any| host <src-ip-address>| <src-ip-address> <src-mask> - Source IP address
can be ‘any’ or the word ‘host’ and the dotted decimal address or number of the network or the
host that the packet is from and the network mask to use with the source address
port-number - Port Number. The input for the source and the destination port-number is
prefixed with one of the following operators.
eq=equal
lt=less than
gt=greater than
range=a range of ports; two different port numbers must be specified
any|host <dest-ip-address>| <dest-ip-address> <dest-mask> - Destination IP
address can be ‘any’ or the word ‘host’ and the dotted decimal address or number of the network
or the host that the packet is destined for and the network mask to use with the destination
address
ack - TCP ACK bit to be checked against the packet. It can be establish (1), non-establish (2) or
any (3)
rst - TCP RST bit to be checked against the packet. It can be set (1), notset (2) or any (3)
tos - Type of service. Can be max-reliability, max throughput, min-delay, normal or a range of
values from 0 to 7, Differentiated Services Code Point (DSCP) values to match against incoming
packets.
To Next Page
Loading...
