Permit, deny (mac acl) – Alcatel Carrier Internetworking Solutions OmniStack 6300-24 User Manual

Access Control List Commands

4-99

4

• To remove a rule, use the no permit or no deny command followed by the

exact text of a previously configured rule.

• An ACL can contain up to 32 rules.

Example

Related Commands

permit, deny 4-99
mac access-group (4-104)
show mac access-list (4-100)

permit, deny (MAC ACL)

This command adds a rule to a MAC ACL. The rule filters packets matching a
specified MAC source or destination address (i.e., physical layer address), or
Ethernet protocol type. Use the no form to remove a rule.

Syntax

[no] {permit | deny}

{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

Note:- The default is for Ethernet II packets.

[no] {permit | deny} tagged-eth2

{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]

[no] {permit | deny} untagged-eth2

{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[ethertype protocol [protocol-bitmask]]

[no] {permit | deny} tagged-802.3

{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask]

[no] {permit | deny} untagged-802.3

{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}

• tagged-eth2 – Tagged Ethernet II packets.
• untagged-eth2 – Untagged Ethernet II packets.
• tagged-802.3 – Tagged Ethernet 802.3 packets.
• untagged-802.3 – Untagged Ethernet 802.3 packets.

Console(config)#access-list mac jerry
Console(config-mac-acl)#