Management ACLs
G8264 Application Guide for ENOS 8.4
Management ACLs (MACLs) filter inbound traffic, that is, traffic toward the CPU.
MACLs are applied switch‐wide. Traffic can be filtered based on the following:
IPv4 source address
IPv4 destination address
IPv4 protocols
TCP/UDP destination or source port
Lower MACL numbers have higher priority.
Following is an example MACL configuration based on a destination IP address
and a TCP‐UDP destination port:
RS G8264(config)# access-control macl 1 ipv4 destination-ip-address 1.1.1.1 255.255.255.0
RS G8264(config)# access-control macl 1 tcp-udp destination-port 111 0xffff
RS G8264(config)# access-control macl 1 statistics
RS G8264(config)# access-control macl 1 action permit
RS G8264(config)# access-control macl 1 enable
Use the following command to view the MACL configuration:
RS G8264(config)# show access-control macl 1
MACL 1 profile   : Enabled
  IPv4
    - DST IP     : 1.1.1.1/255.255.255.0
  TCP/UDP
    - DST Port   : 111/0xffff
  Action         : Permit
  Statistics     : Enabled