| |
|
|
deny
Sets the condition for a named IP access list to deny.
Syntax: deny
Description: Use the deny command in access-list configuration mode to prevent outbound route updates from being advertised and inbound route updates from being accepted. This command is also used for packet filtering. See "access-list" on page 286 and "ip access-list" on page 298.
Factory Default: None.
Command Mode: Access list configuration.
Example: In the following example:
- The ip access-list command creates a standard access list named ISP1_inbound and changes the command mode to access-list configuration.
- The permit command adds a condition to the access list that permits access from hosts on 2 specified networks.
router(config)#ip access-list standard ISP1_inbound
router(config-std-nacl)#permit 205.5.1.121 0.0.0.255
router(config-std-nacl)#permit 128.20.0.0 0.0.255.255
router(config-std-nacl)#exit
router(config)#
When the access list is applied to outbound routes, only those prefixes specified by the permit command are advertised.
When the access list is applied to inbound routes, only those prefixes specified by the permit command are accepted.
Related Commands: access list
ip access-list
ip as-path access-list
ip community-list
neighbor distribute-list
neighbor filter-list
permit
route-map
show access-lists
show ip access-lists
| |
|
|
Source
File Name: Routing_Pol.fm
HTML File Name: Routing_Pol5.html
Last Updated: 05/30/02 at 13:22:29
Please email suggestions and comments to: doc@avici.com