Table of Contents
Advertisement
ACL Commands
deny (MAC)
deny (MAC)
SPS208G/SPS224G4/SPS2024 Command Line Interface Reference Guide
User Guidelines
Before an Access Control Element (ACE) is added to an ACL, all packets are
permitted. After an ACE is added, an implied deny-any-any condition exists at the
end of the list and those packets that do not match the conditions defined in the
permit statement are denied.
If the VLAN ID is specified, the policy map cannot be connected to the VLAN
interface.
Example
The following example shows how to create a MAC ACL with permit rules.
Console(config)# mac access-list macl-acl1
Console(config-mac-al)# permit 6:6:6:6:6:6 0:0:0:0:0:0 ny vlan 6
The deny MAC-Access List Configuration mode command denies traffic if the
conditions defined in the deny statement match.
Syntax
deny [disable-port] {any | {
wildcard
vlan-id
}}[vlan
cos cos-wildcard
[cos
Parameters
•
disable-port — Indicates that the port is disabled if the statement is deny.
•
source
— Specifies the MAC address of the host from which the packet
was sent.
•
source-wildcard —
placing 1's in bit positions to be ignored.
•
destination
— Specifies the MAC address of the host to which the packet is
being sent.
source source-wildcard
]
eth-type
] [ethtype
]
(Optional for the first type) Specifies wildcard bits by
} {any | {
destination destination-
3
58
Hide quick links:
Advertisement
Table of Contents
