ACL Commands
127 OL-32830-01 Command Line Interface Reference Guide
4
User Guidelines
A MAC ACL is defined by a unique name. IPv4 ACL, IPv6 ACL, MAC ACL or policy
maps cannot have the same name
If ace-priority is omitted, the system sets the rule's priority to the current highest
priority ACE (in the current ACL) + 20. The ACE-priority must be unique per ACL.If
the user types already existed priority, then the command is rejected.
Example
switchxxxxxx(config)#
mac access-list
extended
server1
switchxxxxxx(config-mac-al)#
permit
00:00:00:00:00:01 00:00:00:00:00:ff
any
4.8 permit ( MAC )
Use the permit command in MAC Access-list Configuration mode to set permit
conditions (ACEs) for a MAC ACL. Use the no form of the command to remove the
access control entry.
Syntax
permit
{any | source source-wildcard} {any | destination destination-wildcard}
[
ace-priority
priority][eth-type 0 | aarp | amber | dec-spanning | decnet-iv |
diagnostic | dsm | etype-6000] [vlan vlan-id] [cos cos cos-wildcard] [
time-range
time-range-name]
[log-input]
no permit
{any | source source-wildcard} {any | destination destination-wildcard}
[eth-type 0 | aarp | amber | dec-spanning | decnet-iv | diagnostic | dsm | etype-6000]
[vlan vlan-id] [cos cos cos-wildcard] [
time-range
time-range-name]
[log-input]
Parameters
•
source
—Source MAC address of the packet.
•
source-wildcard
—Wildcard bits to be applied to the source MAC address.
Use 1s in the bit position that you want to be ignored.
•
destination
—Destination MAC address of the packet.
•
destination-wildcard
—Wildcard bits to be applied to the destination MAC
address. Use 1s in the bit position that you want to be ignored.
To Next Page
Loading...
