776
{<destination><destination-wildcard>}|any-destination|{host-destination
<destination-host-ip>}} [d-port <port3>] [ack
+
fin
+
psh
+
rst
+
urg
+
syn]
[precedence <precedence>] [tos <tos>][time-range<time-range-name>]
[no]{deny|permit}{any-source-mac|{host-source-mac<host_smac>}|{<s
mac><smac-mask>}}{any-destination-mac|{host-destination-mac<host_
dmac>}|{<dmac><dmac-mask>}}udp{{<source><source-wildcard>}|any|{
host<source-host-ip>}}[s-port<port1>]{{<destination><destination-wildc
ard>}|any-destination|{host-destination
<destination-host-ip>}}[d-port<port3>][precedence<precedence>][tos<t
os>][time-range<time-range-name>]
[no]{deny|permit}{any-source-mac|{host-source-mac<host_smac>}|{<s
mac><smac-mask>}}{any-destination-mac|{host-destination-mac<host_
dmac>}|{<dmac><dmac-mask>}}{eigrp|gre|igrp|ip|ipinip|ospf|{<protocol-
num>}}{{<source><source-wildcard>}|any|{host<source-host-ip>}}{{<de
stination><destination-wildcard>}|any-destination|{host-destination<de
stination-host-ip>}}[precedence<precedence>][tos<tos>][time-range<ti
me-range-name>]
Functions:
Define an extended name MAC-IP ACL rule, ‘No’ form deletes one extended
numeric MAC-IP ACL access-list rule.
Parameters
: num access-list serial No. this is a decimal’s No. from 3100-3199.; deny if
rules are matching, deny to access; permit if rules are matching, permit to access;
any-source-mac: any source MAC address; any-destination-mac: any destination MAC
address; host_smac , smac: source MAC address; smac-mask: mask (reverse mask) of
source MAC address ; host_dmac , dmas destination MAC address; dmac-mask mask
(reverse mask) of destination MAC address; protocol No. of name or IP protocol. It can
be a key word: eigrp, gre, icmp, igmp, igrp, ip, ipinip, ospf, tcp, or udp, or an integer from
0-255 of list No. of IP address. Use key word ‘ip’ to match all Internet protocols (including
ICMP, TCP, AND UDP) list; source-host-ip, source No. of source network or source
host of packet delivery. Numbers of 32-bit binary system with dotted decimal notation
expression; host: means the address is the IP address of source host, otherwise the IP
address of network; source-wildcard: reverse of source IP. Numbers of 32-bit binary
system expressed by decimal’s numbers with four-point separated, reverse mask;
destination-host-ip, destination No. of destination network or host to which packets are
delivered. Numbers of 32-bit binary system with dotted decimal notation expression; host:
means the address is the that the destination host address, otherwise the network IP
address; destination-wildcard: mask of destination. I Numbers of 32-bit binary system
expressed by decimal’s numbers with four-point separated, reverse mask;
s-port(optional): means the need to match TCP/UDP source port; port1(optional): value of