5 access-list(mac extended), Access, List – PLANET XGS3-24042 User Manual

47-7

Switch(config)#access-list 20 deny 10.1.1.0 0.0.255.255

47.5 access-list(mac extended)

Command:

access-list {deny | permit} {any-source-mac | {host-source-mac } |

{ }} {any-destination-mac | {host-destination-mac } |

{ }} {untagged-eth2 | tagged-eth2 | untagged-802-3 | tagged-802-3}

[ [ [

> [ ]]]]]

no access-list

Functions:

Define an extended numeric MAC ACL rule, “no access-list ” command deletes an

extended numeric MAC access-list rule.

Parameters:

is the access-list No. which is a decimal’s No. from 1100-1199; deny if rules are matching,

deny access; permit if rules are matching, permit access; any source address;

any destination address; , source MAC address;

mask (reverse mask) of source MAC address; , destination

MAC address; mask (reverse mask) of destination MAC address; untagged-eth2

format of untagged ethernet II packet; tagged-eth2 format of tagged ethernet II packet;

untagged-802-3 format of untagged ethernet 802.3 packet; tagged-802-3 format of tagged

ethernet 802.3 packet. Offset(x) the offset from the packet head, the range is (12-79), the windows

must start from the back of source MAC, and the windows cannot superpose each other, and that is

to say: Offset(x＋1) must be longer than Offset(x)＋len（x）; Length(x) length is 1-4, and Offset(x)

＋Length(x) should not be longer than 80（currently should not be longer than 64）; Value(x) hex

expression, Value range: when Length(x) =1, it is 0-ff, when Length(x) =2, it is 0-ffff , when

Length(x) =3, it is0-ffffff, when Length(x) =4, it is 0-ffffffff ;

For Offset(x), different types of data frames are with different value ranges:

for untagged-eth2 type frame: <12～75>

for untagged-802.2 type frame: <20～75>

for untagged-eth2 type frame: <12～79>

for untagged-eth2 type frame: <12～15> <24～79>

Command Mode:

Global mode

Default Configuration: