D-Link DGS-1510 Series

To Next Page

To Previous Page

DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide

specified sequence number will be assigned sequence based new sequence setting of the specified

access list.

When you manually assign the sequence number, it is better to have a reserved interval for future

lower sequence number entries. Otherwise, it will create extra effort to insert an entry with a lower

sequence number.

The sequence number must be unique in the domain of an access-list. If you enter a sequence

number that is already present, an error message will be shown.

Example

This example shows how to create four entries for an IPv6 extended access list named “ipv6-control”.

These entries are: permit TCP packets destined to network ff02::0:2/16, permit TCP packets destined

to host ff02::1:2, permit all TCP packets go to port 80 and permit all ICMP packets.

Switch# configure terminal

Switch(config)# ipv6 access-list extended ipv6-control

Switch(config-ipv6-ext-acl)# permit tcp any ff02::0:2/16

Switch(config-ipv6-ext-acl)# permit tcp any host ff02::1:2

Switch(config-ipv6-ext-acl)# permit tcp any any eq 80

Switch(config-ipv6-ext-acl)# permit icmp any any

Switch(config-ipv6-ext-acl)#

This example shows how to create two entries for an IPv6 standard access-list named “ipv6-std-

control”. These entries are: permit IP packets destined to network ff02::0:2/16, and permit IP packets

destined to host ff02::1:2.

Switch# configure terminal

Switch(config)# ipv6 access-list ipv6-std-control

Switch(config-ipv6-acl)# permit any ff02::0:2/16

Switch(config-ipv6-acl)# permit any host ff02::1:2

Switch(config-ipv6-acl)#

4-20 permit | deny (mac access-list)

This command is used to define the rule for packets that will be permitted or denied. Use the no form

of this command to remove an entry

[SEQUENCE-NUMBER] {permit | deny} {any | host SRC-MAC-ADDR | SRC-MAC-ADDR SRC-

MAC-WILDCARD} {any | host DST-MAC-ADDR | DST-MAC-ADDR DST-MAC-WILDCARD}

[ethernet-type TYPE MASK [cos VALUE] [vlan VLAN-ID] [time-range PROFILE-NAME]

no SEQUENCE-NUMBER

Parameters

SEQUENCE-NUMBER

Specifies the sequence number. The range is from 1 to 65535. The

lower the number is, the higher the priority of the permit/deny rule.

any

Specifies any source MAC address or any destination MAC

address.

host SRC-MAC-ADDR

Specifies a specific source host MAC address.

SRC-MAC-ADDR SRC-MAC-

WILDCARD

Specifies a group of source MAC addresses by using a wildcard

bitmap. The bit corresponding to the bit value 1 will be ignored. The

bit corresponding to the bit value 0 will be checked.

host DST-MAC-ADDR

Specifies a specific destination host MAC address.

DST-MAC-ADDR DST-MAC-

WILDCARD

Specifies a group of destination MAC addresses by using a wildcard

bitmap. The bit corresponding to the bit value 1 will be ignored. The

Main Page

D-Link DGS-1510 Series - Page 61

Table of Contents

Other manuals for D-Link DGS-1510 Series

Related product manuals