User Manual
SWP1(config)#interface ge1
SWP1(config-if)#ip access-group 3002 in
13.1.10 Generate MAC access list
[Syntax]
access-list mac-acl-id action mac src-info dst-info
no access-list mac-acl-id [action mac src-info dst-info]
[Parameter]
mac-acl-id : <100-199>, <2000-2699>
ID of MAC access list
action : Specifies the action for the access condition
Setting value Description
deny "Deny" the condition
permit "Permit" the condition
src-info : Specifies the transmission-source MAC address information that is the condition
Setting value Description
HHHH.HHHH.HHHH
WWWW.WWWW.WWWW
Specifies the MAC address
(HHHH.HHHH.HHHH) with wildcard bits
(WWWW.WWWW.WWWW)
host HHHH.HHHH.HHHH
Specifies an individual MAC address
(HHHH.HHHH.HHHH)
any Applies to all MAC addresses
dst-info : Specifies the destination MAC address information that is the condition
Setting value Description
HHHH.HHHH.HHHH
WWWW.WWWW.WWWW
Specifies the MAC address
(HHHH.HHHH.HHHH) with wildcard bits
(WWWW.WWWW.WWWW)
host HHHH.HHHH.HHHH
Specifies an individual MAC address
(HHHH.HHHH.HHHH)
any Applies to all MAC addresses
[Initial value]
none
[Input mode]
global configuration mode
[Description]
Generates a MAC access list.
Multiple conditions (maximum 39) can be specified for the generated access list.
To apply the generated access list, execute the "mac access-group" command in interface mode.
The "no access-list mac-acl-id action mac src-info dst-info" syntax deletes the MAC access list that matches all conditions.
The "no access-list mac-acl-id" syntax deletes the MAC access list that matches mac-acl-id.
[Note]
An access list that is applied to a LAN/SFP port cannot be deleted using the "no" syntax. You must first cancel the application,
and then delete the access list.
The MAC access list IDs are shared with the extended IPv4 access list IDs. This means that if the specified ID is used by an
extended IPv4 access list, it is handled as a command error.
174 | Command Reference | Traffic control