beautypg.com

4 mac access-group, 5 show mac access-lists, Mac access-group - 26 – Kontron AT8902 Full Size CLI User Manual

Page 190: Show mac access-lists - 26

background image

AT8901/2/3

AT8901/2/3 CLI Reference Manual

Page 4 - 26

NOTE: The

mirror

and

redirect

parameters are not available on the Broad-

com 5630x platform.

NOTE: The special command form

{deny | permit}

any any

is used to

match all Ethernet layer 2 packets, and is the equivalent of the IP
access list “match every” rule.

Format

{deny|permit} { | any} { | any} [pekey> | <0x0600-0xFFFF>] [vlan {eq <0-4095>}] [cos <0-7>]
[[log] [assign-queue ]] [{mirror | redirect}
]

Mode

Mac-Access-List Config

4.7.4

mac access-group

This command attaches a specific MAC Access Control List (ACL) identified by

to an interface in a given direction. The

parameter must be the name of

an existing MAC ACL.

An optional sequence number may be specified to indicate the order of this mac access
list relative to other mac access lists already assigned to this interface and direction. A
lower number indicates higher precedence order. If a sequence number is already in
use for this interface and direction, the specified mac access list replaces the currently
attached mac access list using that sequence number. If the sequence number is not
specified for this command, a sequence number that is one greater than the highest
sequence number currently in use for this interface and direction is used.

This command specified in 'Interface Config' mode only affects a single interface,
whereas the 'Global Config' mode setting is applied to all interfaces. The 'Interface
Config' mode command is only available on platforms that support independent per-
port class of service queue configuration.

Format

mac access-group in [sequence <1-4294967295>]

Modes

Global Config
Interface Config

4.7.4.1

no mac access-group

This command removes a MAC ACL identified by

from the interface in a

given direction.

Format

no mac access-list in

Modes

Global Config
Interface Config

4.7.5

show mac access-lists

This command displays a MAC access list and all of the rules that are defined for the
MAC ACL. Use the

[name]

parameter to identify a specific MAC ACL to display.

Format

show mac access-lists [name]

Mode

Privileged EXEC

Rule Number The ordered rule number identifier defined within the MAC ACL.

See also other documents in the category Kontron Hardware: