Dell PowerEdge M520 Dell Converged Enhanced Ethernet Command Reference - Page 158
deny extended ACLs, Synopsis, count, no deny, Operands, Defaults, Command, Modes, Description, Usage
View all Dell PowerEdge M520 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 158 highlights
10 deny (extended ACLs) deny (extended ACLs) Synopsis Operands Configures a MAC address rule to drop traffic based on the source and destination MAC addresses. deny {any | host MAC _ACL| MAC_ACL} {any | host MAC _ACL| MAC _ACL} [EtherType |arp |fcoe | ipv4] [count] no deny {any | host MAC _ACL| MAC_ACL} {any | host MAC _ACL| MAC _ACL} [EtherType |arp |fcoe| ipv4] any host MAC_ACL MAC_ACL Specifies any source MAC address. Specifies the source host MAC address for which to set deny conditions. Use the format HHHH.HHHH.HHHH. Specifies the source host MAC address for which to set deny conditions. Use the format HHHH.HHHH.HHHH. any host MAC_ACL MAC_ACL Ethertype Specifies any destination MAC address. Specifies the destination host address for which to set deny conditions. Use the format HHHH.HHHH.HHHH. Specifies the destination host address for which to set deny conditions. Use the format HHHH.HHHH.HHHH. Specifies the protocol number for which to set the deny conditions. The range of valid values is 1536-65535. arp Specifies to deny the Address Resolution Protocol (0x0806). fcoe Specifies to deny the Fibre Channel over Ethernet Protocol (0x8906). ipv4 Specifies to deny the IPv4 protocol (0x0800). count Enables counting of the packets matching the rule. Defaults By default, no MAC ACLs are configured. Command Feature Access Control List Configuration mode Modes Description Usage Guidelines Use this command to configure rules to match and drop traffic based on the source and destination MAC addresses and the protocol type. You can also enable counters for a specific rule. There are 255 ACL counters supported per port group. Use the no deny command to remove a rule from the MAC ACL. The first set of {any | host MAC_ACL | MAC_ACL} parameters is specific to the source MAC address. The second set of {any | host MAC_ACL | MAC_ACL} parameters is specific to the destination MAC address. Example To create a rule in a MAC extended ACL to drop IPv4 traffic from the source MAC address 0022.3333.4444 to the destination MAC address 0022.3333.5555 and to enable the counting of packets: switch(conf-macl-ext)#deny 0022.3333.4444 0022.3333.5555 ipv4 count To delete a rule from a MAC extended ACL: 142 Dell Converged Enhanced Ethernet Command Reference 53-1002115-01