Release : 1.1f 932 / 985
Super Micro Intelligent Switch Command Line Interface User Guide
33.16 deny icmp
This command specifies the ICMP packets to be rejected based on the IP address and
associated parameters.
deny icmp {any |host <src-ip-address>|<src-ip-address> <mask>}{any |
host <dest-ip-address> | <dest-ip-address> <mask> }[<message-type (0-
255)>] [<message-code (0-255)>] [ priority <value (1-255)>]
Syntax Description
icmp - Internet Control Message Protocol
any| host <src-ip-address>| <src-ip-address> <mask> - Source IP address can
be 'any' or the word 'host' and the dotted decimal address or number of the network or the host
that the packet is from and the network mask to use with the source address
any|host <dest-ip-address>| <dest-ip-address> <mask> - Destination IP address
can be 'any' or the word 'host' and the dotted decimal address or number of the network or the
host that the packet is destined for and the network mask to use with the destination address
message-type - Message type
message-code - ICMP Message code
priority - The priority of the filter used to decide which filter rule is applicable when the packet
matches with more than one filter rules. Higher value of 'filter priority' implies a higher priority.
Mode
ACL Extended Access List Configuration Mode
Defaults
message-type / message code - 255
Example
Smis(config-ext-nacl)# deny icmp host 100.0.0.10 10.0.0.1
255.255.255.255
The ICMP message type can be one of the following:
Value ICMP type
0 Echo reply
3 Destination unreachable
4 Source quench
5 Redirect
To Next Page
Loading...
