6 access-list(mac-ip extended), Access, List – PLANET XGS3-24040 User Manual

Commands for Security Function Chapter 2 Commands for 802.1x

41-6

Examples: Permit tagged-eth2 with any source MAC addresses and any destination MAC addresses

and the packets whose 17th and 18th byte is 0x08 , 0x0 to pass.

Switch(config)#access-list 1100 permit any-source-mac any-destination-mac tagged-eth2 16 2

0800

41.6 access-list(mac-ip extended)

Command:

access-list{deny|permit}{any-source-mac|

{host-source-mac}|{}}

{any-destination-mac|{host-destination-mac

}|{}}icmp

{{}|any-source|{host-source}}

{{}|any-destination|

{host-destination}}[ []] [precedence ]

[tos ][time-range]

access-list{deny|permit}{any-source-mac|

{host-source-mac}|{}}

{any-destination-mac|{host-destination-mac

}|{}}igmp

{{}|any-source|{host-source}}

{{}|any-destination| {host-destination}}

[] [precedence ] [tos ][time-range]

access-list {deny|permit}{any-source-mac| {host-source-mac }|{

}}{any-destination-mac| {host-destination-mac

}|{

}}tcp {{

}|any-source| {host-source

}}[s-port{ | range }] {{

} | any-destination | {host-destination }} [d-port

{ | range }] [ack+fin+psh+rst+urg+syn] [precedence

] [tos ] [time-range ]

access-list {deny|permit}{any-source-mac| {host-source-mac }|{

}}{any-destination-mac| {host-destination-mac

}|{

}}udp {{

}|any-source| {host-source

}}[s-port{ | range }] {{

}|any-destination|

{host-destination

}}[d-port{ | range }] [precedence

] [tos ][time-range ]

access-list {deny|permit}{any-source-mac| {host-source-mac }|{

}} {any-destination-mac|{host-destination-mac

}|{

}} {eigrp|gre|igrp|ip|ipinip|ospf|{

}}

{{

}|any-source|{host-source

}} {{

}|any-destination| {host-destination }} [precedence

] [tos ][time-range ]

Functions: Define a extended numeric MAC-IP ACL rule, ‘No’ command deletes a extended numeric

MAC-IP ACL access-list rule.

Parameters: num access-list serial No. this is a decimal’s No. from 3100-3299;deny if rules are