C
OMMAND
L
INE
I
NTERFACE
4-130
permit
,
deny
(MAC ACL)
This command adds a rule to a MAC ACL. The rule filters packets
matching a specified MAC source or destination address (i.e., physical layer
address), or Ethernet protocol type. Use the
no
form to remove a rule.
Syntax
[
no
]
{
permit
|
deny
}
{
any
|
host
source
|
source address-bitmask
}
{
any
|
host
destination
|
destination address-bitmask
}
[
vid
vid
[
vid-end
]] [
ethertype
protocol
[
protocol-end
]]
Note:
- The default is for Ethernet II packets.
•
any
– Any MAC source or destination address.
•
host
– A specific MAC address.
•
source
– Source MAC address.
•
destination
– Destination MAC address range with bitmask.
•
address-bitmask
18
– Bitmask for MAC address (in hexidecimal
format).
•
vid
– VLAN ID. (Range: 1-4094)
•
vid-end
– Upper bound of VID range. (Range: 1-4094)
•
protocol
– A specific Ethernet protocol number. (Range: 0-65535)
•
protocol-end
– Upper bound of protocol range. (Range: 0-65535)
Default Setting
None
Command Mode
MAC ACL
Command Usage
• New rules are added to the end of the list.
• The
ethertype
option can only be used to filter Ethernet II formatted
packets.
18. For all bitmasks, “1” means care and “0” means ignore.
Содержание 6726AL2 FICHE
Страница 2: ......
Страница 20: ...CONTENTS xvi ...
Страница 24: ...TABLES xx ...
Страница 28: ...FIGURES xxiv ...
Страница 38: ...INTRODUCTION 1 10 ...
Страница 240: ...CONFIGURING THE SWITCH 3 190 ...
Страница 502: ...TROUBLESHOOTING B 4 ...
Страница 515: ......