Command Reference Guide
236 | Access Control Lists (ACL)
www.dell.com | support.dell.com
Command Modes
CONFIGURATION
Command
History
Usage
Information
FTOS supports one ingress and one egress MAC ACL per interface.
Prior to 7.8.1.0, names are up to 16 characters long.
The number of entries allowed per ACL is hardware-dependent. Refer to your line card
documentation for detailed specification on entries allowed per ACL.
C-Series and S-Series support ingress ACLs only.
Example
FTOS(conf)#mac access-list access-list standard TestMAC
FTOS(config-std-macl)#?
deny Specify packets to reject
description List description
exit Exit from access-list configuration mode
no Negate a command or set its defaults
permit Specify packets to forward
remark Specify access-list entry remark
seq Sequence numbers
show Show Standard ACL configuration
permit
c e s
Configure a filter to forward packets from a specific source MAC address.
Syntax
permit {any | mac-source-address [mac-source-address-mask]} [count [byte]] | [log] [monitor]
To remove this filter, you have two choices:
• Use the
no seq sequence-number command syntax if you know the filter’s
sequence number or
• Use the
no permit {any | mac-source-address mac-source-address-mask} command.
Parameters
Version 8.1.1.0 Introduced on E-Series ExaScale
Version 7.8.1.0 Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names
are up to 16 characters long.
Version 7.6.1.0 Support added for S-Series
Version 7.5.1.0 Support added for C-Series
pre-Version 6.1.1.0 Introduced for E-Series
any
Enter the keyword any to forward all packets received with a
MAC address.
mac-source-address
Enter a MAC address in nn:nn:nn:nn:nn:nn format.
mac-source-address-mask
(OPTIONAL) Specify which bits in the MAC address must
match. If no mask is specified, a mask of 00:00:00:00:00:00 is
applied (in other words, the filter allows only MAC addresses
that match).