3 mac access-group in, 4 mac access-list – Fortinet 548B User Manual
Page 393
- 393 -
Default Setting
None
Command Mode
Global Config
7.22.2.3 mac access-group in
This command attaches a specific MAC Access Control List (ACL) identified by
interface, or associates it with a VLAN ID, in a given direction. The
of an exsiting MAC ACL.
An optional sequence number may be specified to indicate the order of this access list relative to other
access lists already assigned to this interface and direction. A lower number indicates higher
precedence order. If a sequence number is already in use for this interface and direction, the specified
access list replaces the currently attached access list using that sequence number. If the sequence
number is not specified for this command, a sequence number that is one greater than the highest
sequence number currently in use for this interface and direction will be used.
This command specified in 'Interface Config' mode only affects a single interface, whereas the 'Global
Config' mode setting is applied to all interfaces. The 'Interface Config' mode command is only available
on platforms that support independent per-port class of service queue configuration. The VLAN keyword
is only valid in the 'Global Config' mode.
Syntax
mac access-group
no mac access-group
given direction.
Default Setting
None
Command Mode
Global Config
Interface Config
7.22.2.4 mac access-list
This command creates a new rule for the current MAC access list. Each rule is appended to the list of
configured rules for the list. Note that an implicit 'deny all' MAC rule always terminates the access list.
Note: The 'no' form of this command is not supported, as the rules within an ACL cannot be deleted
individually. Rather, the entire ACL must be deleted and re-specified.