Motorola 2.1 User Manual Page 418
- Page / 713
- Table of contents
- BOOKMARKS
Rated. / 5. Based on customer reviews
Extended ACL Instance 14-3
14.1.2 deny
Extended ACL Config Commands
Use this command to specify packets to reject.
Syntax
deny [icmp|ip|proto|tcp|udp]
deny ip [<SOURCE-IP/MASK>|host <A.B.C.D>|any] [<DESTINATION-IP/MASK>|host <A.B.C.D>|any]
{log} {(rule-description <DESCRIPTION>|rule-precedence <1-5000>)}
deny icmp [<SOURCE-IP/MASK>|host <A.B.C.D>|any] [<DESTINATION-IP/MASK>|host <A.B.C.D>|
any] {<ICMP-TYPE>|<ICMP-CODE>} {log} {rule-description <DESCRIPTION>|
rule-precedence <1-5000>)}
deny proto [<1-254>|<WORD>|eigrp|gre|igmp|igp|ospf|vrrp] [<SOURCE-IP/MASK>|
host <A.B.C.D>|any] [<DESTINATION-IP/MASK>|host <A.B.C.D>|any]
{log} {(rule-description <DESCRIPTION>|rule-precedence <1-5000>)}
deny [tcp|udp] [<SOURCE-IP/MASK>|host <A.B.C.D>|any] [<DESTINATION-IP/MASK>|
host <A.B.C.D>|any|eq <1-65535>|range <STARTING-SOURCE-PORT
> <ENDING-SOURCE-PORT>]
{log} {(rule-description <DESCRIPTION>|rule-precedence <1-5000>)}
Parameters
deny (ip)
[<SOURCE-IP/MASK>|
host <A.B.C.D>|any]
[<DESTINATION-IP/MASK>|
host <A.B.C.D>|any]
{log}
{(rule-description
<DESCRIPTION>|
rule-precedence
<1-5000>)}
Use the
deny ip
command to reject IP packets from a specified source or to
a specified destination.
Define the network or host to deny as a source of packets, using one of the
following options:
• <SOURCE-IP/MASK> – The IP address and mask of the source network or
host in dotted decimal format. For example, 10.1.1.10/24 indicates the first
24 bits of the source IP are used for matching.
• any – Is an abbreviation for any source IP address of 0.0.0.0 and
source-mask bits equal to 0.
• host <A.B.C.D> – Is an abbreviation for exact source IP address and
source-mask bits equal to 32.
Define the network or host to deny as a destination of packets, using one of
the following options:
• <DESTINATION-IP/MASK> – The IP address and mask of the destination
network or host in dotted decimal format.
• any – Is an abbreviation for any destination IP address of 0.0.0.0 and
destination-mask bits equal to 0.
• host <A.B.C.D> – Is an abbreviation for the exact destination IP address and
destination-mask bits equal to 32.
The following keywords are common to all of the above:
• log – Optional. Generates log messages when the packet coming from the
interface matches the ACL entry. Log messages are generated only for
router ACLs.
• rule-description <DESCRIPTION> – Optional. Describes this IP deny ACL
rule (should not exceed 128 characters in length).
• rule-precedence <1-500> – Optional. Integer value between 1- 5000
that sets the rule precedence in the ACL.
- CLI Reference Guide 1
- Table of Contents 3
- Chapter 3. User Exec Commands 5
- Chapter 17. DHCP Instance 10
- Chapter 20. Wireless Instance 11
- Chapter 21. RTLS Instance 12
- Chapter 22. Role Instance 13
- Chapter 23. Sole Instance 13
- Appendix A. Customer Support 13
- About This Guide 14
- Summarize the 15
- commands within the RFS7000 15
- Switch CLI 15
- Annotated Symbols 16
- Notational Conventions 16
- General Information 18
- Motorola Solutions, Inc 19
- End-User License Agreement 19
- Introduction 22
- Introduction 1-3 24
- Introduction 1-5 26
- 1.2 CLI Overview 28
- Introduction 1-9 30
- 1.6 Basic Conventions 32
- RFS7000# conf<Tab> 33
- 1.7.3 Deleting Entries 34
- Common Commands 36
- 2.1.1 clrscr 37
- 2.1.2 exit 38
- 2.1.3 help 39
- Common Commands 2-5 40
- 2.1.4 no 41
- Common Commands 2-7 42
- 2.1.5 service 43
- Common Commands 2-9 44
- Common Commands 2-11 46
- Common Commands 2-13 48
- Common Commands 2-15 50
- Common Commands 2-17 52
- Common Commands 2-19 54
- Common Commands 2-21 56
- [no] service pm sys-restart 57
- Common Commands 2-23 58
- 2.1.6 show 60
- Common Commands 2-27 62
- 2.1.7 aap-wlan-acl 63
- 2.1.8 aap-wlan-acl-stats 64
- 2.1.9 access-banner 65
- 2.1.10 audit-log-filters 66
- 2.1.11 autoinstall 67
- 2.1.12 commands 68
- 2.1.13 crypto 69
- Common Commands 2-35 70
- 2.1.14 crypto-error-log 71
- 2.1.15 crypto-log 72
- 2.1.16 environment 73
- 2.1.17 firewall 74
- 2.1.18 history 75
- 2.1.19 interfaces 76
- 2.1.20 ip 78
- Common Commands 2-45 80
- Common Commands 2-47 82
- 2.1.21 ldap 83
- 2.1.22 licenses 84
- 2.1.23 logging 85
- 2.1.24 mac 86
- 2.1.25 mac-address-table 87
- 2.1.26 mac-name 88
- 2.1.27 management 89
- 2.1.28 mobility 90
- 2.1.29 ntp 92
- 2.1.30 port 93
- 2.1.31 port-channel 94
- 2.1.32 privilege 95
- 2.1.33 protocol-list 96
- 2.1.34 radius 97
- 2.1.35 redundancy 98
- 2.1.36 role 99
- 2.1.37 rtls 100
- 2.1.38 service-list 102
- 2.1.39 smtp-notification 103
- 2.1.40 snmp 104
- 2.1.41 snmp-server 105
- 2.1.42 spanning-tree 106
- 2.1.43 static-channel-group 108
- 2.1.44 terminal 109
- 2.1.45 timezone 110
- 2.1.46 traffic shape 111
- 2.1.47 users 112
- 2.1.48 version 113
- 2.1.49 virtual ip 114
- 2.1.50 wireless 115
- Common Commands 2-81 116
- Note: Use the 116
- command to view access port 116
- Common Commands 2-83 118
- Common Commands 2-85 120
- Common Commands 2-87 122
- Common Commands 2-89 124
- 2.1.51 wlan-acl 125
- 2.1.52 access-list 126
- 2.1.53 aclstats 127
- 2.1.54 boot 128
- 2.1.55 clock 129
- 2.1.56 debugging 130
- 2.1.57 dhcp 131
- 2.1.58 file 132
- 2.1.59 password-encryption 133
- 2.1.60 running-config 134
- 2.1.61 securitymgr 135
- 2.1.62 sessions 136
- 2.1.63 startup-config 137
- 2.1.64 upgrade-status 138
- 2.1.65 wlan-acl 139
- User Exec Commands 140
- Command Description Ref 141
- 3.1.1 clear 142
- 3.1.2 cluster-cli 143
- 3.1.3 disable 144
- 3.1.4 enable 145
- 3.1.5 logout 146
- 3.1.6 page 147
- 3.1.7 ping 148
- 3.1.8 quit 149
- 3.1.9 show 150
- User Exec Commands 3-13 152
- 3.1.10 terminal 153
- 3.1.11 traceroute 154
- Privileged Exec Commands 156
- 4.1.1 acknowledge 158
- 4.1.2 archive 159
- Viewing the output tar file? 160
- Which files are tared? 160
- Untar fails..? 160
- 4.1.3 change-passwd 161
- 4.1.4 clear 162
- Privileged Exec Commands 4-9 164
- RFS7000# 165
- RFS7000#clear arp-cache 165
- 4.1.5 clock 166
- 4.1.6 cluster-cli 167
- 4.1.7 configure 168
- 4.1.8 copy 169
- Privileged Exec Commands 4-15 170
- 4.1.10 enable 171
- 4.1.11 erase 172
- 4.1.12 halt 173
- 4.1.13 keytransfer 174
- 4.1.14 logout 175
- 4.1.15 page 176
- 4.1.16 ping 177
- 4.1.17 pwd 178
- 4.1.18 quit 179
- 4.1.19 reload 180
- 4.1.20 run 181
- 4.1.21 show 182
- Privileged Exec Commands 4-29 184
- Privileged Exec Commands 4-31 186
- Privileged Exec Commands 4-33 188
- Privileged Exec Commands 4-35 190
- Privileged Exec Commands 4-37 192
- Privileged Exec Commands 4-39 194
- Privileged Exec Commands 4-41 196
- Privileged Exec Commands 4-43 198
- 4.1.22 terminal 200
- 4.1.23 traceroute 201
- 4.1.24 upgrade 202
- 4.1.25 upgrade-abort 203
- 4.1.26 write 204
- Global Configuration Commands 206
- 5.1.1 aaa 209
- 5.1.2 aap-wlan-acl 210
- 5.1.3 access-banner 211
- 5.1.4 access-list 212
- Parameters 213
- 5.1.5 arp 219
- 5.1.6 audit-log-filter 220
- 5.1.7 auth-timeout 222
- 5.1.8 autoinstall 223
- 5.1.9 boot 224
- 5.1.10 bridge 225
- 5.1.11 country-code 227
- 5.1.12 crypto 228
- 5.1.13 do 233
- 5.1.14 end 234
- 5.1.15 errdisable 235
- 5.1.16 firewall 236
- 5.1.17 hostname 238
- 5.1.18 interface 239
- 5.1.19 ip 240
- 5.1.20 license 249
- 5.1.21 line 250
- 5.1.22 local 251
- 5.1.23 logging 252
- RFS7000(config)# 253
- 5.1.24 mac 254
- 5.1.25 mac-address-table 255
- 5.1.26 mac-name 256
- 5.1.27 management 257
- 5.1.28 network-element-id 258
- 5.1.29 ntp 259
- 5.1.30 prompt 263
- 5.1.31 radius-server 264
- 5.1.32 ratelimit 265
- 5.1.33 redundancy 266
- 5.1.34 remote-login 269
- 5.1.35 role 270
- 5.1.36 rtls 271
- 5.1.37 service 272
- 5.1.38 show 275
- 5.1.39 smtp-notification 288
- 5.1.40 snmp-server 290
- 5.1.41 spanning-tree 292
- 5.1.42 timezone 294
- 5.1.43 traffic-shape 295
- 5.1.44 username 296
- 5.1.45 virtual-ip 297
- 5.1.46 vpn 299
- 5.1.47 wireless 300
- 5.1.48 wlan-acl 301
- 5.1.49 zeroize 303
- Crypto - isakmp Instance 304
- 6.1.1 authentication 305
- 6.1.2 clrscr 306
- 6.1.3 encryption 307
- 6.1.4 end 308
- 6.1.5 exit 309
- 6.1.6 hash 310
- 6.1.7 help 311
- 6.1.8 lifetime 312
- 6.1.9 no 313
- 6.1.10 service 314
- 6.1.11 show 315
- Crypto - isakmp Instance 6-13 316
- Crypto - group Instance 318
- 7.1.1 clrscr 319
- 7.1.2 dns 320
- 7.1.3 end 321
- 7.1.4 exit 322
- 7.1.5 help 323
- 7.1.6 service 324
- 7.1.7 show 325
- Crypto - group Instance 7-9 326
- 7.1.8 wins 327
- Crypto - peer Instance 328
- 8.1.1 clrscr 329
- 8.1.2 end 330
- 8.1.3 exit 331
- 8.1.4 help 332
- 8.1.5 no 333
- 8.1.6 service 334
- 8.1.7 set 335
- 8.1.8 show 336
- Crypto - ipsec Instance 338
- 9.1.1 clrscr 339
- 9.1.2 end 340
- 9.1.3 exit 341
- 9.1.4 help 342
- 9.1.5 mode 343
- 9.1.6 no 344
- 9.1.7 service 345
- 9.1.8 show 346
- Crypto - map Instance 348
- 10.1.1 clrscr 349
- 10.1.2 end 350
- 10.1.3 exit 351
- 10.1.4 help 352
- 10.1.5 match 353
- 10.1.6 no 354
- 10.1.7 service 355
- 10.1.8 set 356
- Crypto - map Instance 10-11 358
- 10.1.9 show 359
- Crypto - map Instance 10-13 360
- Crypto - trustpoint Instance 362
- 11.1.1 clrscr 363
- 11.1.2 company-name 364
- 11.1.3 email 365
- 11.1.4 end 366
- 11.1.5 exit 367
- 11.1.6 fqdn 368
- 11.1.7 help 369
- 11.1.8 ip-address 370
- 11.1.9 no 371
- 11.1.10 password 372
- 11.1.11 rsakeypair 373
- 11.1.12 service 374
- 11.1.13 show 375
- 11.1.14 subject-name 377
- Interface Instance 378
- 12.1.1 clrscr 380
- 12.1.2 crypto 381
- 12.1.3 description 382
- 12.1.4 duplex 383
- 12.1.5 end 384
- 12.1.6 exit 385
- 12.1.7 help 386
- 12.1.8 ip 387
- Interface Instance 12-11 388
- 12.1.9 mac 389
- 12.1.10 management 390
- 12.1.11 no 391
- 12.1.12 port-channel 392
- 12.1.13 service 393
- 12.1.14 show 394
- 12.1.15 shutdown 396
- 12.1.16 spanning-tree 397
- Interface Instance 12-21 398
- 12.1.17 speed 399
- 12.1.18 static-channel-group 400
- 12.1.19 switchport 401
- Interface Instance 12-25 402
- 12.1.20 storm-control 403
- Spanning Tree-MST Instance 404
- 13.1.1 clrscr 405
- 13.1.2 end 406
- 13.1.3 exit 407
- 13.1.4 help 408
- 13.1.5 instance 409
- 13.1.6 name 410
- 13.1.7 no 411
- 13.1.8 revision 412
- 13.1.9 service 413
- 13.1.10 show 414
- Extended ACL Instance 416
- 14.1.1 clrscr 417
- 14.1.2 deny 418
- deny icmp 419
- Extended ACL Instance 14-5 420
- deny [tcp 421
- Extended ACL Instance 14-7 422
- 14.1.3 end 423
- 14.1.4 exit 424
- 14.1.5 help 425
- 14.1.6 mark 426
- Extended ACL Instance 14-13 428
- Extended ACL Instance 14-15 430
- 14.1.7 no 432
- 14.1.8 permit 433
- Extended ACL Instance 14-19 434
- TYPE field 435
- Extended ACL Instance 14-21 436
- Extended ACL Instance 14-23 438
- 14.1.9 service 439
- 14.1.10 show 440
- Standard ACL Instance 442
- 15.1.1 clrscr 443
- 15.1.2 deny 444
- 15.1.3 end 445
- 15.1.4 exit 446
- 15.1.5 help 447
- 15.1.6 mark 448
- 15.1.7 no 449
- 15.1.8 permit 450
- 15.1.9 service 451
- 15.1.10 show 452
- Extended MAC ACL Instance 454
- 16.1.1 clrscr 455
- 16.1.2 deny 456
- Usage Guidelines 457
- 16.1.3 end 459
- 16.1.4 exit 460
- 16.1.5 help 461
- 16.1.6 mark 462
- 16.1.7 no 464
- 16.1.8 permit 465
- 16.1.9 service 468
- 16.1.10 show 469
- DHCP Instance 472
- 17.1.1 address 474
- 17.1.2 bootfile 475
- 17.1.3 class 476
- 17.1.3.1 config-dhcp-class 478
- cammand 480
- 17.1.4 client-identifier 481
- 17.1.5 client-name 482
- 17.1.6 clrscr 483
- 17.1.7 ddns 484
- 17.1.8 default-router 485
- 17.1.9 dns-server 486
- 17.1.10 domain-name 487
- 17.1.11 end 488
- 17.1.12 exit 489
- 17.1.13 hardware-address 490
- 17.1.14 help 491
- 17.1.15 host 492
- 17.1.16 lease 493
- 17.1.17 netbios-name-server 494
- 17.1.18 netbios-node-type 495
- 17.1.19 network 496
- 17.1.20 next-server 497
- 17.1.21 no 498
- 17.1.22 option 499
- 17.1.23 service 500
- 17.1.24 show 501
- DHCP Instance 17-31 502
- 17.1.25 unicast-enable 503
- 17.1.26 update 504
- 17.2.1 Creating network pool 506
- 17.2.2 Creating host pool 507
- DHCP Instance 17-37 508
- DHCP Class Instance 510
- 18.1.1 clrscr 511
- 18.1.2 end 512
- 18.1.3 exit 513
- 18.1.4 help 514
- 18.1.5 multiple-user-class 515
- 18.1.6 no 516
- 18.1.7 option 517
- 18.1.8 service 518
- 18.1.9 show 519
- DHCP Class Instance 18-11 520
- RADIUS Server Instance 522
- 19.1.1 authentication 524
- 19.1.2 ca 525
- 19.1.3 clrscr 526
- 19.1.4 crl-check 527
- 19.1.5 end 528
- 19.1.6 exit 529
- 19.1.7 group 530
- 19.1.7.1 clrscr 531
- 19.1.7.2 end 532
- 19.1.7.3 exit 533
- 19.1.7.4 group 534
- 19.1.7.5 guest-group 535
- 19.1.7.6 help 536
- 19.1.7.7 no 537
- RADIUS Server Instance 19-17 538
- 19.1.7.8 policy 539
- RADIUS Server Instance 19-19 540
- 19.1.7.9 rad-user 541
- 19.1.7.10 rate-limit 542
- 19.1.7.11 service 543
- 19.1.7.12 show 544
- RADIUS Server Instance 19-25 546
- 19.1.8 help 548
- 19.1.10 ldap-server 550
- 19.1.11 nas 552
- 19.1.12 no 553
- 19.1.13 proxy 554
- 19.1.14 rad-user 555
- RADIUS Server Instance 19-35 556
- 19.1.15 server 557
- 19.1.16 service 558
- 19.1.17 show 559
- RADIUS Server Instance 19-39 560
- Wireless Instance 562
- Wireless Instance 20-3 564
- 20.1.1 aap 565
- 20.1.2 admission-control 567
- 20.1.3 adopt-unconf-radio 568
- 20.1.4 adoption-pref-id 569
- 20.1.5 ap 570
- RFS7000(config-wireless)# 571
- 20.1.6 ap-containment 572
- 20.1.7 ap-detection 573
- Wireless Instance 20-13 574
- 20.1.8 ap-image 575
- 20.1.9 ap-ip 576
- 20.1.11 ap-timeout 578
- 20.1.12 auto-select-channels 579
- 20.1.13 broadcast-tx-speed 580
- 20.1.14 client 581
- 20.1.14.1 clrscr 582
- 20.1.14.2 end 583
- 20.1.14.3 exit 584
- 20.1.14.4 help 585
- 20.1.14.5 no 586
- 20.1.14.6 service 587
- 20.1.14.7 show 588
- 20.1.14.8 station 590
- 20.1.14.9 wlan 591
- 20.1.15 clrscr 592
- 20.1.17 country-code 594
- 20.1.18 debug 595
- Wireless Instance 20-35 596
- 20.1.20 dhcp-sniff-state 598
- 20.1.21 dot11k 599
- 20.1.22 end 600
- 20.1.23 exit 601
- Wireless Instance 20-41 602
- 20.1.25 hotspot 603
- 20.1.26 help 604
- 20.1.27 load-balance 605
- 20.1.28 mac-auth-local 606
- 20.1.29 manual-wlan-mapping 608
- 20.1.30 mobile-unit 609
- 20.1.31 mobility 610
- Wireless Instance 20-51 612
- 20.1.34 nas-id 613
- 20.1.35 nas-port-id 614
- 20.1.37 no 616
- 20.1.38 proxy-arp 617
- 20.1.39 qos-mapping 618
- 20.1.40 radio 619
- Wireless Instance 20-59 620
- Wireless Instance 20-61 622
- Wireless Instance 20-63 624
- Wireless Instance 20-65 626
- Wireless Instance 20-67 628
- 20.1.41 rate-limit 629
- 20.1.42 self-heal 630
- 20.1.43 sensor 631
- 20.1.44 service 632
- Wireless Instance 20-73 634
- Wireless Instance 20-75 636
- 802.1x EAP Authentication 637
- Wireless Instance 20-77 638
- 20.1.45 smart-rf 639
- 20.1.46 show 640
- 20.1.47 smart-scan-channels 642
- 20.1.48 test 643
- 20.1.49 wips 644
- Wireless Instance 20-85 646
- 20.1.50 wlan 648
- Wireless Instance 20-91 652
- Wireless Instance 20-93 654
- Wireless Instance 20-95 656
- Wireless Instance 20-97 658
- Note: The 658
- 20.1.51 wlan-bw-allocation 660
- RTLS Instance 662
- 21.1.1 aeroscout 663
- 21.1.2 ap 664
- 21.1.3 clrscr 665
- 21.1.4 end 666
- 21.1.5 exit 667
- 21.1.6 help 668
- 21.1.7 ekahau 669
- 21.1.8 no 670
- 21.1.9 service 672
- [no] service [options] 673
- RFSwitch(config-rtls)# 673
- 21.1.10 show 674
- 21.1.11 site 676
- command 677
- 21.1.12 sole 678
- 21.1.13 switch 679
- Role Instance 680
- 22.1.1 ap-location 681
- 22.1.2 authentication-type 682
- 22.1.3 encryption-type 683
- 22.1.4 essid 684
- 22.1.5 group 685
- 22.1.6 ip 686
- 22.1.7 mac 687
- 22.1.8 mu-mac 688
- 22.1.9 clrscr 689
- 22.1.10 no 690
- 22.1.11 end 691
- 22.1.12 exit 692
- 22.1.13 help 693
- 22.1.14 service 694
- 22.1.15 show 695
- Sole Instance 696
- 23.1.2 clrscr 698
- 23.1.3 end 699
- 23.1.4 exit 700
- 23.1.5 help 701
- 23.1.6 locate 702
- 23.1.7 mobile-unit 703
- 23.1.8 no 704
- 23.1.9 redundancy 705
- 23.1.10 rssi-filter 706
- 23.1.11 service 707
- 23.1.12 show 708
- Appendix A - Customer Support 710
Related products and manuals for Networking Motorola 2.1
Networking Motorola MVME172 User Manual
(4 pages)
(4 pages)
Networking Motorola CPEI 775 User Manual
(58 pages)
(58 pages)
Networking Motorola MPC8260 User's Guide
(174 pages)
(174 pages)
Networking Motorola CPEI 890 User Manual
(48 pages)
(48 pages)
Networking Motorola 2.1 User Manual
(7 pages)
(7 pages)
Networking Motorola PTP 500 User's Guide
(447 pages)
(447 pages)
Networking Motorola WPCI810GP User's Guide
(58 pages)
(58 pages)
Networking Motorola SBV5220 User Manual
(1 pages)
(1 pages)
Networking Motorola CPEI 775 User Manual
(53 pages)
(53 pages)
© 2020, manymanuals.com. All rights reserved. | 0.324 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals