TP-Link TL-SG3424P TL-SG3424P V1 CLI Guide - Page 153

Example Create a MAC ACL whose ID is 20: TP-LINK(config)# acl create 20 acl rule mac-acl Description The acl rule mac-acl command is used to add MAC ACL rule. To delete the corresponding rule, please use no acl rule mac-acl command. MAC ACLs analyze and process packets based on a series of match conditions, which can be the source MAC addresses, destination MAC addresses, VLAN ID, and EtherType carried in the packets. Syntax acl rule mac-acl {acl-id} {rule-id} [op { discard | permit }] [[smac source-mac] {smask source-mac-mask}] [[dmac destination-mac] {dmask destination-mac-mask}] [vid vlan-id] [type ethernet-type] [pri user-pri] [tseg time-segment] no acl rule mac-acl {acl-id} {rule-id} Parameter acl-id -- The desired MAC ACL for configuration. rule-id -- The rule ID. op -- The operation for the switch to process packets which match the rules. There are two options, discard and permit. Discard means discarding packets, and permit means forwarding packets. By default, the option is permit. source-mac -- The source MAC address contained in the rule. source-mac-mask -- The source MAC address mask. It is required if you typed the source MAC address. destination-mac -- The destination MAC address contained in the rule. destination-mac-mask -- The destination MAC address mask. It is required if you typed the destination MAC address. vlan-id -- The VLAN ID contained in the rule, ranging from 1 to 4094. ethernet-type -- EtherType contained in the rule, in the format of 4-hex number. user-pri -- The user priority contained in the rule, ranging from 0 to 7. By default, it is not limited. time-segment -- The time-range for the rule to take effect. By default, it is 140