Operation Manual
Configuration Guide 522
Configuring ACL ACL Configurations
Step 3 rule
rule-id
{deny | permit} [ [smac
source-mac
]
smask
source-mac-mask
] [
[
dmac
destination-
mac
]
dmask
destination-mac-mask
]
Add an MAC ACL rule.
rule-id
:
Specify the rule ID, which ranges from 0 to 999. It should not be the same as any
existing MAC ACL rule IDs
deny | permit:
Specify the operation to be performed with the packets that match the rule. By default,
it is set to permit. The packets will be discarded if “deny” is selected and forwarded if “permit” is
selected.
source-mac
:
Enter the source MAC address. The format is FF:FF:FF:FF:FF:FF.
source-mac-mask
:
Enter the mask of the source MAC address. This is required if a source MAC address
is entered. The format is FF:FF:FF:FF:FF:FF.
destination-mac
:
Enter the destination MAC address. The format is FF:FF:FF:FF:FF:FF.
destination-mac-mask
:
Enter the mask of the destination MAC address. This is required if a destination
MAC address is entered. The format is FF:FF:FF:FF:FF:FF.
Step 4 show access-list [
access-list-num
]
(Optional) View the current ACL configuration.
access-list-num
: The ID number of the ACL.
Step 5 end
Return to privileged EXEC mode.
Step 6 copy running-config startup-config
Save the settings in the configuration file.
The following example shows how to create MAC ACL 50 and configure Rule 1 to permit
packets with source MAC address 00:34:a2:d4:34:b5:
Switch#configure
Switch(config)#mac access-list 50
Switch(config-mac-acl)#rule 1 permit smac 00:34:a2:d4:34:b5 smask ff:ff:ff:ff:ff:ff
Switch(config-mac-acl)#show access-list 50
mac access list 50
Rule 1 permit smac 00:34:a2:d4:34:b5 smask ff:ff:ff:ff:ff:ff
Switch(config-mac-acl)#end
Switch#copy running-config startup-config