Technical data
Table Of Contents
- Contents
- About This Document
- CLI Basics
- In this chapter
- Management tools
- CEE command line interface
- Saving your configuration changes
- CEE CLI RBAC permissions
- Accessing the CEE CLI through the console or Telnet
- Accessing the CEE CLI from the Fabric OS shell
- CEE CLI command modes
- CEE CLI keyboard shortcuts
- Using the do command as a shortcut
- Displaying CEE CLI commands and command syntax
- CEE CLI command completion
- CEE CLI command output modifiers
- CEE Commands
- advertise dcbx-fcoe-app-tlv
- advertise dcbx-fcoe-logical-link-tlv
- advertise dcbx-iscsi-app-tlv
- advertise dcbx-tlv
- advertise dot1-tlv
- advertise dot3-tlv
- advertise optional-tlv
- bridge-priority
- cee
- cee-map
- channel-group
- cisco-interoperability
- clear counters
- clear counters access-list mac
- clear dot1x statistics
- clear dot1x statistics interface
- clear ip igmp group
- clear ip igmp groups
- clear lacp
- clear lacp counters
- clear lldp neighbors
- clear lldp statistics
- clear mac-address-table dynamic
- clear spanning-tree counter
- copy
- debug dot1x packet
- debug ip igmp all
- debug lacp
- debug lldp packet
- debug spanning-tree
- delete
- deny (extended ACLs)
- deny (standard ACLs)
- description (interface)
- description (LLDP)
- dir
- disable
- do
- dot1x authentication
- dot1x enable
- dot1x port-control
- dot1x protocol-version
- dot1x quiet-period
- dot1x reauthenticate interface
- dot1x reauthentication
- dot1x reauthMax
- dot1x timeout re-authperiod
- dot1x timeout server-timeout
- dot1x timeout supp-timeout
- dot1x timeout tx-period
- enable
- end
- erase flash
- error-disable-timeout enable
- error-disable-timeout interval
- exec-timeout
- exit
- fcoe-map
- fcoeport
- fcoe-priority-bits
- fcoe-vlan
- forward-delay
- fos
- hello
- hello-time
- instance
- interface
- interface vlan
- ip igmp last-member-query-interval
- ip igmp query-interval
- ip igmp query-max-response-time
- ip igmp snooping enable (global version)
- ip igmp snooping enable (VLAN version)
- ip igmp snooping fast-leave
- ip igmp snooping mrouter
- ip igmp snooping mrouter-timeout
- ip igmp snooping querier
- ip igmp static-group
- iscsi-priority-bits
- lacp system-priority
- lacp timeout
- line console
- line vty
- lldp dcbx-version
- lldp disable
- lldp fcoe-priority-bits
- lldp iscsi-priority-bits
- lldp profile
- logout
- mac access-group
- mac access-list extended
- mac access-list standard
- mac-address-table
- max-age
- max-hops
- mode
- mtu
- multiplier
- permit (extended ACLs)
- permit (standard ACLs)
- port-channel path-cost
- priority-group-table
- priority-table
- profile
- protocol lldp
- protocol spanning-tree
- pwd
- qos cos
- qos cos-mutation
- qos cos-traffic-class
- qos map cos-mutation
- qos map cos-traffic-class
- qos queue multicast scheduler
- qos queue scheduler
- qos rcv-queue multicast rate-limit
- qos rcv-queue multicast threshold
- qos trust cos
- quit
- region
- rename
- resequence access-list mac
- revision
- rmon alarm
- rmon collection
- rmon event
- seq (extended MAC ACLs)
- seq (standard MAC ACLs)
- show accounting
- show calendar
- show cee maps
- show clock
- show debug ip igmp
- show debug lacp
- show debug lldp
- show debug spanning-tree
- show dot1x
- show dot1x all
- show dot1x diagnostics interface
- show dot1x interface
- show dot1x session-info interface
- show dot1x statistics interface
- show environment
- show file
- show history
- show interface
- show ip igmp groups
- show ip igmp interface
- show ip igmp mrouter
- show ip igmp snooping
- show ip interface
- show lacp counter
- show lacp sys-id
- show line
- show lldp
- show lldp interface
- show lldp neighbors
- show lldp statistics
- show logging
- show mac access-group
- show mac-address-table
- show media
- show media interface
- show media linecard
- show port-channel
- show power supply
- show privilege
- show processes cpu
- show processes memory
- show qos flowcontrol interface
- show qos interface
- show qos maps
- show qos queue interface
- show qos rcv-queue interface
- show qos rcv-queue multicast
- show rmon
- show running-config
- show running-config access-list mac
- show running-config cee-map
- show running-config dot1x
- show running-configuration igmp
- show running-config interface port-channel
- show running-config interface tengigabitethernet
- show running-config interface vlan
- show running-config linecard
- show running-config rmon
- show spanning-tree
- show spanning-tree brief
- show spanning-tree interface
- show spanning-tree mst brief
- show spanning-tree mst detail
- show spanning-tree mst instance
- show spanning-tree mst-config
- show spanning-tree mst interface
- show startup-config
- show statistics access-list interface
- show statistics access-list mac
- show system
- show tech-support
- show users
- show version
- show vlan
- show vlan classifier
- shutdown (interface)
- shutdown (Spanning Tree Protocol)
- spanning-tree autoedge
- spanning-tree cost
- spanning-tree edgeport
- spanning-tree guard root
- spanning-tree hello-time
- spanning-tree instance
- spanning-tree link-type
- spanning-tree portfast
- spanning-tree priority
- spanning-tree restricted-role
- spanning-tree restricted-tcn
- spanning-tree shutdown
- spanning-tree tc-flush-standard
- switchport
- switchport access
- switchport converged
- switchport mode
- switchport trunk
- system-description
- system-name
- terminal length
- terminal monitor
- transmit-holdcount
- undebug
- vlan classifier activate group
- vlan classifier group
- vlan classifier rule
- write erase
- write memory
Converged Enhanced Ethernet Command Reference 143
53-1002508-01
seq (standard MAC ACLs)
2
seq (standard MAC ACLs)
Inserts a rule anywhere in the MAC ACL.
Synopsis seq value {deny | permit} {any | host MAC _ACL| MAC_ACL} [count]
no seq value
Operands value Specifies the sequence number for the rule. The range of valid values is from
0 through 65535.
permit Specifies rules to permit traffic.
deny Specifies rules to deny traffic.
any Specifies any source MAC address.
host MAC_ACL Specifies the host-specific source MAC address for which to set permit or
deny conditions. Use the format HHHH.HHHH.HHHH.
MAC_ACL Specifies any source MAC address for which to set permit or deny conditions.
Use the format HHHH.HHHH.HHHH.
count Enables the counting of the packets matching the rule.
Defaults By default, no MAC ACLs are configured.
Command
Modes
Feature Access Control List configuration mode
Description Use this command to configure rules to match and permit or drop traffic based on source and
destination MAC address and protocol type. You can also enable counters for a specific rule. There
are 255 ACL counters supported per port group. Use the no seq value command to remove a rule
from the MAC ACL.
Usage
Guidelines
None
Examples To create a rule in a standard MAC ACL to permit or to drop traffic from the source MAC address
0022.3333.4444 and to enable the counting of packets:
switch(conf-macl-std)#seq 100 deny 0022.3333.4444 count
switch(conf-macl-std)#seq 1000 permit 0022.3333.4444 count
To delete a filter rule in a standard MAC ACL:
switch(conf-macl-std)#no seq 100
See Also deny (standard ACLs), permit (standard ACLs), resequence access-list mac