ACCESS CONTROL LIST COMMANDS

the bottom of the list. To create an ACL, you must add at least one rule to the list.

To remove a rule, use the no permit or no deny command followed by the exact text of a previously configured rule.

An ACL can contain up to 32 rules.

Example

Console(config)#access-list mac jerry

Console(config-mac-acl)#

Related Commands

permit, deny (4-85) mac access-group(4-87) show mac access-list(4-88)

permit, deny (MAC ACL)

Use this command to add a rule to a MAC ACL. The rule filters packets matching a specified MAC source or destination address (i.e., physical layer address), or Ethernet protocol type. Use the no form to remove a rule.

Syntax

{permit deny} [packet-format] {any host source source bitmask}

{any host destination destination bitmask} {any ethertype protocol}

no {permit deny} [packet-format] {any host source source bitmask}

{any host destination destination bitmask} {any ethertype protocol}

packet-format

-tagged-802.3– Tagged Ethernet 802.3 packets.

-tagged-eth2– Tagged Ethernet II packets.

-untagged-802.3– Untagged Ethernet 802.3 packets.

-untagged-eth2– Untagged Ethernet II packets.

4-85

Page 371
Image 371
SMC Networks SMC6724L3 manual Permit, deny MAC ACL, No permit deny packet-format any host source source bitmask