Chapter 9
| Access Control Lists
MAC ACLs
– 348 –
◆ An ACL can contain up to 96 rules.
Example
Console(config)#access-list mac jerry
Console(config-mac-acl)#
Related Commands
permit, deny (348)
mac access-group (350)
show mac access-list (351)
permit, deny (MAC ACL) This command adds a rule to a MAC ACL. The rule filters packets matching a
specified MAC source or destination address (i.e., physical layer address), or
Ethernet protocol type. Use the no form to remove a rule.
Syntax
{permit | deny}
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
[
time-range time-range-name]
no {permit | deny}
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
Note:
The default is for Ethernet II packets.
{permit | deny} tagged-eth2
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
[
time-range time-range-name]
no {permit | deny} tagged-eth2
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
{permit | deny} untagged-eth2
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[ethertype protocol [protocol-bitmask]] [
time-range time-range-name]
To Next Page
Loading...
