Reference Guide
Usage
Information
When you use the log option, the CP processor logs detail the packets that match. Depending
on how many packets match the log entry and at what rate, the CP may become busy as it has
to log these packets’ details.
NOTE: When ACL logging and byte counters are configured simultaneously, byte counters
may display an incorrect value. Configure packet counters with logging instead.
Related
Commands
permit – configures a MAC address filter to pass packets.
seq – configures a MAC address filter with a specified sequence number.
mac access-list standard
Name a new or existing MAC access control list (MAC ACL) and enter MAC ACCESS LIST mode to configure a standard
MAC ACL. Also refer to the Commands Common to all ACL Types section and the Common MAC Access List Commands
section.
C-Series, E-Series, S-Series, Z-Series, S4810
Syntax
mac access-list standard mac-list-name
To delete a MAC access list, use the no mac access-list standard mac-list-
name
command.
Parameters
mac-list-name
Enter a text string as the name of the standard MAC access list (140
character maximum).
Defaults Not configured.
Command Modes CONFIGURATION
Command History
Version 8.3.11.1 Introduced on the Z9000.
Version 8.1.1.0 Introduced on the E-Series ExaScale.
Version 7.8.1.0 Increased the name string to accept up to 140 characters. Prior to
7.8.1.0, names are up to 16 characters long.
Version 7.6.1.0 Introduced on the S-Series.
Version 7.5.1.0 Introduced on the C-Series.
pre-Version
6.1.1.0
Introduced on the E-Series.
Usage
Information
FTOS supports one ingress and one egress MAC ACL per interface.
The number of entries allowed per ACL is hardware-dependent. For detailed specifications on
entries allowed per ACL, refer to your line card documentation.
NOTE: Ingress ACLs are supported on C-Series and S-Series platforms only.
Example
FTOS(conf)#mac-access-list access-list standard TestMAC
FTOS(config-std-macl)#?
deny Specify packets to reject
description List description
293