User`s manual

User’s Manual 81

Console(config-std-acl)#deny 10.1.1.1 255.255.255.255

Console(config-std-acl)#exit

Console(config)#access-list ip mask-precedence in

Console(config-ip-mask-acl)#mask host any

Console(config-ip-mask-acl)#mask 255.255.255.0 any

Console(config-ip-mask-acl)#

6.7.8 Configuring a MAC ACL Mask

This mask defines the fields to check in the packet header.

Follow these guidelines.

You must configure a mask for an ACL rule before you can bind it to a port.

Command Attributes

Source/Destination MAC – Use “Any” to match any address, “Host” to specify the host address for a single

node, or “MAC” to specify a range of addresses. (Options: Any, Host, MAC; Default: Any)

Source/Destination MAC Bitmask – Address of rule must match this bitmask.

VID Bitmask – VLAN ID of rule must match this bitmask.

Ethernet Type Bitmask – Ethernet type of rule must match this bitmask.

Packet Format Bitmask – A packet format must be specified in the rule.

Configuring Switch Using the Web or CLI

Web

Configure the mask to match the required rules in the MAC ingress or egress ACLs. Set the mask to check

for any source or destination address, a host address, or an address range. Use a bitmask to search for

specific VLAN ID(s) or Ethernet type(s). Alternatively, check for rules where a packet format was specified.

Then click Add.