C
HAPTER
29
| Access Control Lists
MAC ACLs
– 762 –
{permit | deny} tagged-802.3
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [time-range time-range-name]
no {permit | deny} tagged-802.3
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask]
{permit | deny} untagged-802.3
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[time-range time-range-name]
no {permit | deny} untagged-802.3
{any | host
source | source address-bitmask}
{any | host destination | destination address-bitmask}
tagged-eth2 – Tagged Ethernet II packets.
untagged-eth2 – Untagged Ethernet II packets.
tagged-802.3 – Tagged Ethernet 802.3 packets.
untagged-802.3 – Untagged Ethernet 802.3 packets.
any – Any MAC source or destination address.
host – A specific MAC address.
source – Source MAC address.
destination – Destination MAC address range with bitmask.
address-
bitmask
12
– Bitmask for MAC address (in hexadecimal
format).
vid – VLAN ID. (Range: 1-4093)
vid-bitmask
12
–
VLAN bitmask. (Range: 1-4095)
protocol – A specific Ethernet protocol number.
(Range: 600-ffff hex.)
protocol-bitmask
12
– Protocol bitmask.
(Range: 600-ffff hex.)
time-range-name - Name of the time range.
(Range: 1-30 characters)
DEFAULT SETTING
None
COMMAND MODE
MAC ACL
COMMAND USAGE
◆ New rules are added to the end of the list.
12. For all bitmasks, “1” means care and “0” means ignore.
To Next Page
Loading...
