Deny/Permit (Mac Acl Rule) - Mellanox Technologies Mellanox SX1018 Command Reference Manual

deny/permit (MAC ACL rule)

[seq-number <sequence-number>] {deny|permit } {any | <source-mac> [mask
<mac>]} {any |<destination-mac> [mask <mac>]} [protocol <protocol>] [cos
<cos-value>] [vlan <vlan-id>] [action <action-id>]
no <sequence-number>
Creates a rule for MAC ACL.
The no form of the command deletes a rule from the MAC ACL.
Syntax Description sequence-number
deny | permit
{any | <source-mac>
[mask <mac>]}
{any | <destination-mac>
[mask <mac>]}
protocol
cos-value
vlan-id
Default No rule is added by default to access control list.
Default sequence number is in multiple of 10.
Configuration Mode Config MAC ACL
History 3.1.1400
Role admin
Example
switch (config mac access-list my-list) # seq-number 10 deny
0a:0a:0a:0a:0a:0a mask ff:ff:ff:ff:ff:ff any vlan 6 cos 2 protocol 80
switch (config mac access-list my-list) #
Related Commands ipv4/mac access-list
ipv4/mac port access-group
Note
Optional parameter to set a specific sequence number
for the rule. The range is:1-500.
Determines the type of the rule, denies or permits
action.
Sets source MAC and optionally sets a mask for that
MAC. The "any" option will cause the rule not to check
the source MAC.
Sets destination MAC and optionally sets a mask for
that MAC. The "any" option will cause the rule not to
check the destination MAC.
Sets the Ethertype filed value from the MAC address.
Possible range is: 0x0000-0xffff.
Sets the COS (priority bits) field, possible range is: 0-7.
Sets the VLAN ID field, possible range is 0-4095.
Mellanox® Technologies Confidential
Rev 1.6.9
Mellanox Technologies 391