Filter
Top Products
3 0001000000000000 1111100000000000 4096 6143 2048
4 0001100000000000 1111110000000000 6144 7167 1024
5 0001110000000000 1111111000000000 7168 7679 512
6 0001111000000000 1111111100000000 7680 7935 256
7 0001111100000000 1111111111000000 7936 7999 64
8 0001111101000000 1111111111111111 8000 8000 1
Total Ports: 4001
Example
An ACL rule with a TCP port lt 1023 uses only one entry in the CAM.
Rule# Data Mask From To #Covered
1 0000000000000000 1111110000000000 0 1023 1024
Total Ports: 1024
Related
Commands
deny — assigns a filter to deny IP traffic.
deny udp — assigns a filter to deny UDP traffic.
deny udp
To drop user datagram protocol (UDP) packets meeting the filter criteria, configure a filter.
Z9500
Syntax
deny udp {source mask | any | host ip-address} [operator port
[port]] {destination mask | any | host ip-address} [dscp]
[operator port [port]] [count [bytes]] [log] [order] [monitor]
[fragments]
To remove this filter, you have two choices:
• Use the no seq sequence-number command if you know the filter’s
sequence number.
• Use the no deny udp {source mask | any | host ip-address}
{destination mask | any | host ip-address} command.
Parameters
source Enter the IP address of the network or host from which the
packets were sent.
mask Enter a network mask in /prefix format (/x) or A.B.C.D. The
mask, when specified in A.B.C.D format, may be either
contiguous or non-contiguous.
any Enter the keyword any to specify that all routes are subject
to the filter.
host ip-address Enter the keyword host then the IP address to specify a host
IP address.
dscp Enter this keyword dscp to deny a packet based on the
DSCP value. The range is from 0 to 63.
Access Control Lists (ACL)
243