Commands for Security Function Chapter 6 Commands for TACACS+
21.22 permit | deny(mac-ip extended)
Command:
[no] {deny|permit} {any-source-mac|{host-source-mac}|{}}
{any-destination-mac|{host-destination-mac}|{}}
icmp{{}|any-source|{host-source}}
{{}|any-destination|{host-destination
}} [ []] [precedence ] [tos
][time-range]
[no]{deny|permit}
{any-source-mac|{host-source-mac}|{}}
{any-destination-mac|{host-destination-mac}|{}}
igmp{{}|any-source| {host-source}}
{{}|any-destination|{host-destination
}} [] [precedence ] [tos
][time-range]
[no]{deny|permit}{any-source-mac|{host-source-mac }| {
}}{any-destination-mac|{host-destination-mac }|{
}}tcp{{ }|any-source| {host-source
}}[s-port { > | range }] {{
> } | any-destination| {host-destination <destination-host-ip> }} [d-port
{ > | range <dPortMax> }] [ack+fin+psh+rst+urg+syn] [precedence
] [tos ][time-range ]
[no]{deny|permit}{any-source-mac|{host-source-mac }|{
}}{any-destination-mac|{host-destination-mac }| {
}}udp{{ }|any-source| {host-source
}}[s-port{ > | range }] {{ >
<destination-wildcard> }|any-destination| {host-destination }} [d-port
{ > | range > <dPortMax> }] [precedence ] [tos
][time-range ]
[no]{deny|permit}{any-source-mac|{host-source-mac}|{
}}{any-destination-mac|{host-destination-mac}|
{}}{eigrp|gre|igrp|ip|ipinip|ospf|{}}
{{}|any-source|{host-source}}
{{}|any-destination|{host-destination
}} [precedence ] [tos
][time-range]
Functions:
Define an extended name MAC-IP ACL rule, ‘No’ form deletes one extended numeric MAC-IP ACL
access-list rule.
