3 permit – CANOGA PERKINS 9175 Command Reference User Manual

33-2

None

Examples

This example shows how to create a filter in ARP ACL to deny ARP response packet whose sender IP

address is 10.10.25.1.

Switch(config-arp-acl)#deny response ip host 10.10.25.1 mac any log

This example shows how to create a filter in ARP ACL to deny ARP request packet whose sender MAC

address is 001A.A02C.A1DF.

Switch(config-arp-acl)#deny response ip any mac host 001A.A02C.A1DF log

Related Commands

no sequence-num

33.3 permit

Use this command to permit ARP packets when match this access-list.

Command Syntax

permit [request |response] ip {ip mask |any |host ip} mac {mac mask |any |host mac} [log]

[request |response]: specified ARP request or ARP response packets to match this

access-list.

When use neither of them, both ARP request and ARP response packets will be
matched.

ip mask: the IP address and its wildcard bits.

any: match all the sender IP address in packets.

host ip: only match the specified sender IP address.

mac mask: the MAC address and its wildcard bits.

any: match all sender MAC address in packets.

host mac: only match the specified sender MAC address.

[log]: add to logs when match the access-list.

Command Mode

ARP ACL configuration

Usage

None

Examples

This example shows how to create a filter in ARP ACL to permit ARP response whose sender IP

address is 10.10.25.1.

Switch(config-arp-acl)#permit response ip host 10.10.25.1 mac any log

This example shows how to create a filter in ARP ACL to permit ARP response whose sender MAC

address is 001A.A02C.A1DF.

Switch(config-arp-acl)#permit response ip any mac host 001A.A02C.A1DF log

This example shows how to create a filter in ARP ACL to permit all the ARP packets.

CanogaOS Command Reference