Cisco Cisco SF302-08PP 8-port 10 100 PoE+ Managed Switch Referencia técnica
Management ACL Commands
78-20269-01 Command Line Interface Reference Guide
181
10
deny ip-source
{ipv4-address | ipv6-address/ipv6-prefix-length} [mask {mask |
prefix-length}] [interface-id] [service service]
Parameters
•
interface-id—Specifies an interface ID. The interface ID can be one of the
following types: Ethernet port, Port-channel or VLAN
following types: Ethernet port, Port-channel or VLAN
•
service
service
—Specifies the service type. Possible values are: Telnet,
SSH, HTTP, HTTPS and SNMP.
•
ipv4-address—Specifies the source IPv4 address.
•
ipv6-address/ipv6-prefix-length—Specifies the source IPv6 address and
source IPv6 address prefix length. The prefix length must be preceded by a
forward slash (/). The parameter is optional.
source IPv6 address prefix length. The prefix length must be preceded by a
forward slash (/). The parameter is optional.
•
mask
mask
—Specifies the source IPv4 address network mask. The
parameter is relevant only to IPv4 addresses.
•
mask
prefix-length
—Specifies the number of bits that comprise the source
IPv4 address prefix. The prefix length must be preceded by a forward slash
(/). The parameter is relevant only to IPv4 addresses. (Range: 0–32)
(/). The parameter is relevant only to IPv4 addresses. (Range: 0–32)
Default Configuration
No rules are configured.
Command Mode
Management Access-List Configuration mode
User Guidelines
Rules with ethernet, VLAN, and port-channel parameters are valid only if an IP
address is defined on the appropriate interface.
address is defined on the appropriate interface.
Example
The following example denies all ports in the ACL called mlist.
switchxxxxxx(config)#
management access-list
mlist
switchxxxxxx(config-macl)#
deny