beautypg.com

Permit (extended acls), Extended acls), Permit (extended acls), per – Brocade Network OS Command Reference v4.1.0 User Manual

Page 571

background image

Network OS Command Reference

533

53-1003115-01

permit (extended ACLs)

2

permit (extended ACLs)

Configures a MAC address rule to permit traffic based on the source and destination MAC
addresses.

Synopsis

permit {[any | host MAC_ADDRESS | MAC_ADDRESS] [any | host MAC_ADDRESS |
MAC_ADDRESS] [EtherType | arp | fcoe | ipv4] [count]}

no permit {[any | host MAC_ADDRESS | MAC_ADDRESS] [any | host MAC_ADDRESS |
MAC_ADDRESS] [EtherType | arp | fcoe | ipv4]}

Operands

any

Specifies any source MAC address.

host MAC_ADDRESS

Specifies the source host MAC address for which to set permit conditions.
Use the format HHHH.HHHH.HHHH.

MAC_ADDRESS

Specifies the destination host MAC address for which to set permit
conditions. Use the format HHHH.HHHH.HHHH.

any

Specifies any destination MAC address.

host MAC_ADDRESS

Specifies the source host address for which to set permit conditions.
Use the format HHHH.HHHH.HHHH.

MAC_ADDRESS

Specifies the destination host address for which to set permit conditions.
Use the format HHHH.HHHH.HHHH.

EtherType

Specifies the protocol number for which to set the permit conditions.
The range of valid values is 1536 through 65535.

arp

Specifies to permit the Address Resolution Protocol (0x0806).

fcoe

Specifies to permit the Fibre Channel over Ethernet Protocol (0x8906).

ipv4

Specifies to permit the IPv4 protocol (0x0800).

count

Enables counting of the packets matching the filter rule.

Defaults

No MAC ACLs are configured.

Command Modes

Feature Access Control List configuration mode

Description

Use this command to configure rules to match and to permit traffic based on the source and
destination MAC addresses, and the protocol type. You can also enable counters for a specific rule.
There are 255 ACL counters supported per port group.

Usage Guidelines

The first set of [any | host MAC_ADDRESS | MAC_ADDRESS] parameters is specific to the source
MAC address. The second set of [any | host MAC_ADDRESS | MAC_ADDRESS] parameters is
specific to the destination MAC address.

Enter no permit to remove a rule from the MAC ACL.

Examples

To create a rule in a MAC extended ACL to permit IPv4 traffic from the source MAC address
0022.3333.4444

to the destination MAC address 0022.3333.5555

and to enable the counting

of packets:

switch(conf-macl-ext)# permit 0022.3333.4444 0022.3333.5555 ipv4 count

See also other documents in the category Brocade Computer Accessories: