Access Control List Commands
4-1074
show access-list mac mask-precedence This command shows the ingress or egress rule masks for MAC ACLs.
Syntax
show access-list mac mask-precedence [in | out]
•in – Ingress mask precedence for ingress ACLs.
•out – Egress mask precedence for egress ACLs.
Command Mode
Privileged Exec
Example
Related Commands
mask (MAC ACL) (4-105)
mac access-groupThis command binds a port to a MAC ACL. Use the no form to remove the port.
Syntax
mac access-group acl_name {in | out}
•acl_name – Name of the ACL. (Maximum length: 16 characters)
•in – Indicates that this list applies to ingress packets.
•out – Indicates that this list applies to egress packets.
Default Setting
None
Command Mode
Interface Configuration (Ethernet)
Command Usage
• A port can only be bound to one ACL.
• If a port is already bound to an ACL and you bind it to a different ACL, the
switch will replace the old binding with the new one.
• You must configure a mask for an ACL rule before you can bind it to a port.
Example
Console#show access-list mac mask-precedence
MAC egress mask ACL:
mask pktformat host any vid ethertype
Console#
Console(config)#interface ethernet 1/9
Console(config-if)#mac access-group jerry in
Console(config-if)#