Table of Contents
Advertisement
| Access Control Lists
C
25
HAPTER
ARP ACLs
permit, deny
(ARP ACL)
C
M
OMMAND
ODE
Global Configuration
C
U
OMMAND
SAGE
When you create a new ACL or enter configuration mode for an existing
◆
ACL, use the permit or deny command to add new rules to the bottom
of the list. To create an ACL, you must add at least one rule to the list.
To remove a rule, use the no permit or no deny command followed by
◆
the exact text of a previously configured rule.
An ACL can contain up to 128 rules.
◆
E
XAMPLE
Console(config)#access-list arp factory
Console(config-arp-acl)#
R
C
ELATED
OMMANDS
permit, deny (724)
show arp access-list (725)
This command adds a rule to an ARP ACL. The rule filters packets matching
a specified source or destination address in ARP messages. Use the no
form to remove a rule.
S
YNTAX
[no] {permit | deny}
ip {any | host source-ip | source-ip ip-address-bitmask}
mac {any | host source-ip | source-ip ip-address-bitmask} [log]
This form indicates either request or response packets.
[no] {permit | deny} request
ip {any | host source-ip | source-ip ip-address-bitmask}
mac {any | host source-mac | source-mac mac-address-bitmask}
[log]
[no] {permit | deny} response
ip {any | host source-ip | source-ip ip-address-bitmask}
{any | host destination-ip | destination-ip ip-address-bitmask}
mac {any | host source-mac | source-mac mac-address-bitmask}
[any | host destination-mac | destination-mac mac-address-
bitmask] [log]
source-ip – Source IP address.
destination-ip – Destination IP address with bitmask.
ip-address-bitmask
to match.
source-mac – Source MAC address.
16. For all bitmasks, binary "1" means care and "0" means ignore.
– 724 –
– IPv4 number representing the address bits
16
- Quick Links:
- Connecting to the Switch
Hide quick links:
Advertisement
Table of Contents
