Permit (mac), Deny (mac), Permit (mac) deny (mac) – Allied Telesis AT-S95 CLI User Manual

ACL Commands

Page 35

Example

The following example creates a MAC ACL.

permit (MAC)

The permit MAC-Access List Configuration mode command sets permit conditions for a MAC-Access List.

Syntax

permit {any |sequence}

Parameters
•

sequence - specific MAC source address and mask. For example: to set 00:00:00:00:10:XX use mac

00:00:00:00:10:00 with mask 00:00:00:00:00:FF

Default Configuration

No MAC ACL is defined.

Command Mode

MAC-Access List Configuration mode

User Guidelines
•

Enter IP-Access List configuration mode by using the MAC access-list Global Configuration mode command.

•

After an access control entry (ACE) is added to an access control list, an implied deny-any-any condition

exists at the end of the list. That is, if there are no matches, the packets are denied. However, before the first
ACE is added, the list permits all packets.

Example

The following example creates a MAC ACL with permit rules.

deny (MAC)

The deny MAC-Access List Configuration mode command sets deny conditions for an MAC-Access List.

Syntax

deny [disable-port] {any|{source source- wildcard} {any|{destination destination- wildcard}} [vlan vlan-id] [cos
cos cos-wildcard] [ethtype eth-type]

console(config)# mac access-list macl-acl1
console(config-mac-al)#

console(config)# mac access-list macl-acl1
console(config-mac-al)# permit mac 00:00:00:00:10:00 mask 00:00:00:00:00:FF