104
Converged Enhanced Ethernet Administrator’s Guide
53-1002163-02
ACL configuration and management
10
DRAFT: BROCADE CONFIDENTIAL
NOTE
Using the permit and deny keywords, you can create many different rules. The examples in this
section provide the basic knowledge needed to modify MAC ACLs.
NOTE
This example assumes that test_02 contains an existing rule number 100 with the “deny any any”
options.
To modify a MAC ACL, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the mac command to specify the ACL called test_02 for modification.
switch(config)#
mac access-list extended test_02
3. Enter the no seq command to delete the existing rule 100.
switch (config)#
no seq 100
4. Enter the seq command to re create rule number 100 by recreating it with new parameters.
switch(conf-macl-ext)#
seq 100 permit any any
Removing a MAC ACL
To remove a MAC ACL, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the mac command to specify and delete the ACL that you want to remove. In this
example, the extended MAC ACL name is “test_02.”
switch(config)#
no mac access-list extended test_02
Reordering the sequence numbers in a MAC ACL
You can reorder the sequence numbers assigned to rules in a MAC ACL. Reordering the sequence
numbers is useful when you need to insert rules into an ACL and there are not enough available
sequence numbers.
The first rule receives the number specified by the starting-sequence number that you specify.
Each subsequent rule receives a number larger than the preceding rule. The difference in numbers
is determined by the increment number that you specify. The starting-sequence number and the
increment number must be in the range of 1 through 65535.
For example, in the task listed below the
resequence
command assigns a sequence number of
50 to the rule named test_02, then the second rule has a sequence number of 55 and the
third rule a has a sequence number of 60.
To reorder the rules in a MAC ACL, perform the following task from privileged EXEC mode.
Enter the resequence command to assign sequence numbers to the rules contained in the MAC
ACL.
switch#
resequence access-list mac test_02 50 5
Содержание Converged Enhanced Ethernet 8000
Страница 4: ...iv Converged Enhanced Ethernet Administrator s Guide 53 1002163 02 DRAFT BROCADE CONFIDENTIAL ...
Страница 14: ...xiv Converged Enhanced Ethernet Administrator s Guide 53 1002163 02 DRAFT BROCADE CONFIDENTIAL ...
Страница 16: ...xvi Converged Enhanced Ethernet Administrator s Guide 53 1002163 02 DRAFT BROCADE CONFIDENTIAL ...
Страница 66: ...44 Converged Enhanced Ethernet Administrator s Guide 53 1002163 02 CEE audit logs 5 DRAFT BROCADE CONFIDENTIAL ...
Страница 162: ...140 Converged Enhanced Ethernet Administrator s Guide 53 1002163 02 Brocade 8000 Replacement A ...