Permit, deny (mac acl), Permit , deny (mac acl) – Accton Technology Direk Tronik ES4524D User Manual

MAC ACLs

44-13

44

• An ACL can contain up to 32 rules.

Example

Related Commands

permit, deny (44-13)
mac access-group (44-15)
show mac access-list (44-14)

permit, deny (MAC ACL)

This command adds a rule to a MAC ACL. The rule filters packets matching a
specified MAC source or destination address (i.e., physical layer address), or
Ethernet protocol type. Use the no form to remove a rule.

Syntax

[no] {permit | deny}
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

Note:

- The default is for Ethernet II packets.

[no] {permit | deny} tagged-eth2
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

[no] {permit | deny} untagged-eth2
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[ethertype protocol [protocol-bitmask]]

[no] {permit | deny} tagged-802.3
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask]

[no] {permit | deny} untagged-802.3
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}

• tagged-eth2 – Tagged Ethernet II packets.
• untagged-eth2 – Untagged Ethernet II packets.
• tagged-802.3 – Tagged Ethernet 802.3 packets.
• untagged-802.3 – Untagged Ethernet 802.3 packets.
• any – Any MAC source or destination address.
• host – A specific MAC address.

Console(config)#access-list mac jerry
Console(config-mac-acl)#