Asus GigaX2024SX User Manual

permit, deny(MAC ACL)( 4-131)
mac access-group (4-133)
show mac access-list (4-133)

permit, deny (MAC ACL)

The rule filters packets matching a

ss (i.e., physical layer address), or

Ethernet protocol type. Use the no form to remove a rule.

[no] {permit | deny}
{any | host source | source address-bitmask}

host destination | destination address-bitmask}

ts.

k* – Bitmask for MAC address (in hexidecimal format).

: 1-4094)

d of VID range. (Range: 1-4095)

5)

Default Setting

MAC ACL

e list.

• The ethertype option can only be used to filter Ethernet II formatted packets.

ailed listing of Ethernet protocol types can be found in RFC 1060. A few

include the following:

E
This rule permits packets from any source MAC address to the destination
ad

Ethernet type is 0800.

This command adds a rule to a MAC ACL.
specified MAC source or destination addre

Syntax

{any |
[vid start [end]] [ethertype start [end]]

e

Note:- The default is for Ethernet II pack

any – Any MAC source or destination address.

•
• host – A specific MAC address.

ce MAC address.

• source – Sour
• destination – Destination MAC address range with bitmask.
• address-bitmas
• vid – VLAN ID. (Range

boun

• vid-end – Upper
• protocol – A specific Ethernet protocol number. (Range: 0-6553

l-end – Upper bound of protocol range. (Range: 0-65535)

• protoco

None
Command Mode

Command Usage

• New rules are added to the end of th

• A det
of the more common types
- 0800 - IP

0806 - ARP

-
- 8137 - IPX

xample

dress 00-e0-29-94-34-de where the

R
ac

elated Commands

cess-list mac (4-130)

4-99