Overview
16-12
16.1.8 permit
MAC Extended ACL Config Commands
Use this command to specify packets to forward.
A MAC access list (to allow an arp) is mandatory for both port and WLAN ACL’s.
Syntax
{permit} {any|host source MAC address|source MAC\source MAC address mask}
{any|host destination MAC address | destination MAC\destination MAC address mask}
[vlan vlan-id] [dot1p dot1p-value] [type value|ip|ipv6|arp| vlan|wisp|0-65535]
[log] [rule-precedence access-list-entry precedence]
Parameters
NOTE Use a decimal value representation of ethertypes to implement permit/deny/mark
designations for a packet. Extended MAC ACL’s provide hexadecimal values for
each listed ethertype. The switch supports all ethertypes. Use the decimal
equvilant of the ethertype listed in the CLI or for any other type of ethertype.
Source MAC Address Bit mask specifying the bits to match. The source wildcard can be any
one of the following.
•
xx:xx:xx:xx:xx:xx/xx:xx:xx:xx:xx:xx–Source MAC
address and mask.
•
any – Any source host.
•
host – Exact source MAC address to match.
Destination MAC Address Bit mask specifying the bits to match. The destination wildcard can be
any one of the following:
•
xx:xx:xx:xx:xx:xx/xx:xx:xx:xx:xx:xx–Destination MAC
address and mask.
•
any – Any destination host.
•
host – Exact destination MAC address to match.
dot1p<0-7> 802.1p priority.
rule-precedence<1-5000> Access-list entry precedence.
type(<1-
65535>|arp|ip|ipv6|vlan|wisp)
EtherType.
vlan<1-4095> VLAN ID.
To Next Page
Loading...
Need help?
General
