Dell PowerConnect 3548 Command Line Interface Guide - Page 97
deny (MAC), mac access-list, permit
View all Dell PowerConnect 3548 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 97 highlights
Example The following example shows how to create a MAC ACL with permit rules. Console(config)# mac access-list macl-acl1 Console(config-mac-al)# permit 06:a6 00:00:00:00:00:00 any vlan 6 deny (MAC) The deny MAC-Access List Configuration mode command denies traffic if the conditions defined in the deny statement match. Syntax • deny [disable-port] {any|{source source- wildcard} {any|{ destination destination- wildcard}} [vlan vlan-id] [cos cos cos-wildcard] [ethtype eth-type] • disable-port - Indicates that the port is disabled if the condition is matched. • source - Specifies the MAC address of the host from which the packet was sent. • source-wildcard - Specifies wildcard bits to the source MAC address by placing 1s in bit positions to be ignored. • any - Specify a MAC address and mask. For example, to set 00:00:00:00:10:XX use the Mac address 00:00:00:00:10:00 and mask 00:00:00:00:00:FF. • destination - Specifies the MAC address of the host to which the packet is being sent. • destination-wildcard - Specifies wildcard bits to the destination MAC address by placing 1s in bit positions to be ignored. • vlan-id - Specifies the vlan id of the packet. (Range: 1 - 4094) • cos - Specifies the packets's Class of Service (CoS). (Range: 0 - 7) • cos-wildcard - Specifies wildcard bits to be applied to the CoS. • eth-type - Specifies the packet's Ethernet type in hexadecimal format. (0 - 05dd-ffff {hex}) Default Configuration No MAC access list is defined. Command Mode MAC-Access List Configuration mode. User Guidelines • MAC BPDU packets cannot be denied. • Each MAC address in the ACL is a ACE (Access Control Element) and can only be removed by deleting the ACL using the no ip access-list Global Configuration mode command or the Web-based interface. ACL Commands 97