Mac access-group – Brocade Network OS Command Reference v4.1.0 User Manual

440

Network OS Command Reference

53-1003115-01

mac access-group

2

mac access-group

Applies rules specified in a MAC access control list (ACL) to traffic entering or exiting an interface.

Synopsis

mac access-group name {in | out}

no mac access-group name {in | out}

Operands

name

Specifies the name of the standard or extended MAC access list.

in

Specifies to filter inbound packets only.

out

Specifies to filter outbound packets only.

Defaults

No access lists are applied to the interface.

Command Modes

Interface subtype configuration mode

Description

Use this command to apply a MAC ACL to a supported interface.

Create the MAC ACL by using the mac access-list global configuration command.

Usage Guidelines

You can assign one MAC ACL (standard or extended) to an interface.

When a packet is received on an interface with a MAC ACL applied, the switch checks the rules in
the ACL. If any of the rules match, the switch permits or drops the packet, according to the rule.
If the specified ACL does not exist, the switch permits all the packets.

Enter no mac access-group name {in | out} to remove the MAC ACL from the interface.

Examples

To apply an ingress MAC ACL named macacl2, and to filter inbound packets only, on a specific
10-gigabit Ethernet interface:

switch(config)# interface tengigabitethernet 178/0/9

switch(conf-if-te-178/0/9)# mac access-group macacl2 in

To remove an ingress MAC ACL named macacl2 from a specific port-channel interface:

switch(config)# interface port-channel 62

switch(conf-port-channel-62)# no mac access-group macacl2 in

See Also

interface, mac access-list extended, mac access-list standard