Chapter 10
| Access Control Lists
MAC ACLs
– 399 –
Related Commands
ipv6 access-group (Interface Configuration) (398)
show ipv6 access-list This command displays the rules for configured IPv6 ACLs.
Syntax
show ipv6 access-list {standard | extended} [acl-name]
standard – Specifies a standard IPv6 ACL.
extended – Specifies an extended IPv6 ACL.
acl-name – Name of the ACL. (Maximum length: 32 characters)
Command Mode
Privileged Exec
Example
Console#show ipv6 access-list standard
IPv6 standard access-list david:
permit host 2009:DB9:2229::79
permit 2009:DB9:2229:5::/64
Console#
Related Commands
permit, deny (Standard Pv6 ACL) (395)
permit, deny (Extended IPv6 ACL) (396)
ipv6 access-group (Interface Configuration) (398)
MAC ACLs
The commands in this section configure ACLs based on hardware addresses, packet
format, and Ethernet type. The ACLs can further specify optional IP and IPv6
addresses including protocol type and upper layer ports. To configure MAC ACLs,
first create an access list containing the required permit or deny rules, and then
bind the access list to one or more ports.
Table 70: MAC ACL Commands
Command Function Mode
access-list mac Creates a MAC ACL and enters configuration mode GC
mac access-group Binds a MAC ACL to all ports for ingress traffic GC
permit, deny Filters packets matching a specified source and destination
address, packet format, and Ethernet type. They can be
further specified using optional IP and IPv6 addresses
including protocol type and upper layer ports.
MAC-ACL
mac access-group Binds a MAC ACL to a port IC
To Next Page
Loading...
Need help?
General