Defining Mac Based Access Control Lists - Dell PowerConnect 54 Series User Manual

Table 7-5. IP Based ACL CLI Commands
CLI Command
permit {any| protocol} {any|{source source-wildcard}}
{any|{destination destination-wildcard}} [dscp number | ip-
precedence number] [fragments]
permit-icmp {any|{source source-wildcard}} {any|{destination
destination-wildcard}} {any|icmp-type} {any|icmp-code} [dscp
number | ip-precedence number]
permit-igmp {any|{source source-wildcard}} {any|{destination
destination-wildcard}} {any|igmp-type} [dscp number | ip-
precedence number]
permit-tcp {any|{ source source-wildcard}} {any|source-port}
{any|{ destination destination-wildcard}} {any|destination-port}
[dscp number | ip-precedence number] [flags list-of-flags]
permit-udp {any|{ source source-wildcard}} {any| source-port}
{any|{destination destination-wildcard}} {any|destination-port}
[dscp number | ip-precedence number]
deny [disable-port] {any| protocol} {any|{source source-
wildcard}} {any|{destination destination-wildcard}} [dscp number
| ip-precedence number] [fragments]
deny-icmp [disable-port] {any|{source source-wildcard}}
{any|{destination destination-wildcard}} {any|icmp-type}
{any|icmp-code} [dscp number | ip-precedence number]
deny-igmp [disable-port] {any|{source source-wildcard}}
{any|{destination destination-wildcard}} {any|igmp-type} [dscp
number | ip-precedence number]
deny-tcp [disable-port] {any|{ source source-wildcard}}
{any|source-port} {any|{ destination destination-wildcard}}
{any|destination-port} [dscp number | ip-precedence number]
[flags list-of-flags]
deny-udp [disable-port] {any|{ source source-wildcard}} {any|
source-port} {any|{destination destination-wildcard}}
{any|destination-port} [dscp number | ip-precedence number]

Defining MAC Based Access Control Lists

The Network Security - MAC Based ACL page allows a MAC- based ACL to be defined. ACEs can be
added only if the ACL is not bound to an interface.
To define MAC Based ACLs, click Switch → Network Security → MAC Based ACL.
(continued)
Description
To set conditions to allow a packet to
pass a named IP access list, use the
permit command in access list
configuration mode.
To set conditions to allow a packet to
pass a named IP access list, use the deny
command in access list configuration
mode.
Configuring Device Information
233