ECS4100 Series CLI Reference Guide-R07

ManualsBrandsEdgecore Networks ManualsEnterpriseL2+/L3 Lite Gigabit Ethernet Access Switch

391

392

393

394

395

396

397

398

399

400

Table Of Contents

Chapter 10

| Access Control Lists

MAC ACLs

– 391 –

Example

Console(config)#access-list mac jerry

Console(config-mac-acl)#

Related Commands

permit, deny (391)

mac access-group (394)

show mac access-list (395)

permit, deny (MAC ACL) This command adds a rule to a MAC ACL. The rule filters packets matching a

specified MAC source or destination address (i.e., physical layer address), or

Ethernet protocol type. Rules can also filter packets based on IPv4/v6 addresses,

including Layer 4 ports and protocol types. Use the no form to remove a rule.

Syntax

{permit | deny}

{any | host source | source addres}

{any | host destination | destination address}

[cos cos cos-bitmask] [ip precedence precedence-value] [vid vid vid-bitmask]

[pppoe-session ip {any | host source | source addres} {any | host destination |

destination address} [precedence pre_value] [protocol protocol] [l4-

source-port sport [sport-bitmask]] [l4-destination-port dport [dport-

bitmask]]]

[ethertype ethertype [ethertype-bitmask]]

[time-range time-range-name]

no {permit | deny}

{any | host

source | source address}

{any | host destination | destination address}

[cos cos cos-bitmask] [ip precedence precedence-value] [vid vid vid-bitmask]

[pppoe-session ip {any | host source | source addres} {any | host destination |

destination address} [precedence pre_value] [protocol protocol] [l4-source-

port sport [sport-bitmask]] [l4-destination-port dport [dport-bitmask]]]

[ethertype ethertype [ethertype-bitmask]]

Note:

The default is for Ethernet II packets.

{permit | deny} tagged-eth2

{any | host source | source address}

{any | host destination | destination address}

[cos cos cos-bitmask] [vid vid vid-bitmask]

[ethertype ethertype [ethertype-bitmask]]

[time-range time-range-name]