Chapter 9
| Access Control Lists
MAC ACLs
– 336 –
Related Commands
show mac access-group (338)
Time Range (141)
permit, deny (MAC ACL) This command adds a rule to a MAC ACL. The rule filters packets matching a
specified MAC source or destination address (i.e., physical layer address), or
Ethernet protocol type. Use the no form to remove a rule.
Syntax
{permit | deny} any
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
[time-range time-range-name]
no {permit | deny} any
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
{permit | deny} eth2
{any | host source | source address-bitmask}
{any | host destination
| destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
[time-range time-range-name]
no {permit | deny} eth2
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
{permit | deny} llc-other
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [time-range time-range-name]
no {permit | deny} llc-other
{any | host
source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask]
{permit | deny} snap
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [time-range time-range-name]
no {permit | deny} snap
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask]
any – Any packet format type.
To Next Page
Loading...
