Deny (Mac) - Alcatel OS-LS-6224 User Manual

• cos-wildcard — Specifies wildcard bits to be applied to the CoS.
• eth-type — Specifies the Ethernet type of the packet.(Range: 0-0xFFFF)
• inner vlan eth-type — The inner VLAN of a double tagged packet.
Default Setting
No MAC ACL is defined.
Command Mode
MAC-Access List Configuration mode
Command Usage
Before an Access Control Element (ACE) is added to an ACL, all packets are
permitted. After an ACE is added, an implied deny-any-any condition exists at
the end of the list and those packets that do not match the conditions defined
in the permit statement are denied.
If the VLAN ID is specified, the policy map cannot be connected to the VLAN
interface.
The inner-vlan field can be assigned only on:
• Fast Ethernet customer interfaces (the port mode is customer).
• Service provider interfaces when ALL the traffic is double tagged.
Example
The following example shows how to create a MAC ACL with permit rules.
Console(config)# mac access-list macl-acl1
Console(config-mac-al)# permit 6:6:6:6:6:6 0:0:0:0:0:0 any vlan 6
Related Commands
mac access-list

deny (MAC)

show access-lists
deny (MAC)
The deny MAC-Access List Configuration mode command denies traffic if the
conditions defined in the deny statement match.
deny destination
deny [disable-port] {any | {source source-wildcard} {any | {destination
destination- wildcard}} [vlan vlan-id] [cos cos cos-wildcard] [ethtype eth-type]
[inner-vlan vlan id]
Parameters
• disable-port — Indicates that the port is disabled if the statement is deny.
• source — Specifies the MAC address of the host from which the packet was
sent.
• source-wildcard — (Optional for the first type) Specifies wildcard bits by
4
ACL Commands
313