address-mask
| any} [count [byte]] [order] [log
[interval
minutes
][threshold-in-msgs] [
count
]][monitor]
To remove this filter, you have two choices:
• Use the
no seq
sequence-number
command if you know the filter’s
sequence number.
• Use the
no permit ether-type
protocol-type-number
{
destination-mac-address mac-address-mask
| any} vlan
vlan-
id
{
source-mac-address mac-address-mask
| any}
command.
Parameters
protocol-type-
number
Enter a number from 600 to FFF as the specific Ethernet type
traffic to drop.
destination-
mac-address
mac-address-
mask
Enter a MAC address and mask in the nn:nn:nn:nn:nn format.
For the MAC address mask, specify which bits in the MAC
address must match.
The MAC ACL supports an inverse mask; therefore, a mask of
ff:ff:ff:ff:ff:ff allows entries that do not match and a mask of
00:00:00:00:00:00 only allows entries that match exactly.
any
Enter the keyword
any
to match and drop specific Ethernet
traffic on the interface.
vlan
vlan-id
Enter the keyword
vlan
and then enter the VLAN ID to filter
traffic associated with a specific VLAN. The range is 1 to
4094 and 1 to 2094 for ExaScale (you can use IDs 1 to 4094).
To filter all VLAN traffic specify
VLAN 1
.
source-mac-
address mac-
address-mask
Enter a MAC address and mask in the nn:nn:nn:nn:nn format.
For the MAC address mask, specify which bits in the MAC
address must match.
The MAC ACL supports an inverse mask; therefore, a mask of
ff:ff:ff:ff:ff:ff allows entries that do not match and a mask of
00:00:00:00:00:00 only allows entries that match exactly.
count
(OPTIONAL) Enter the keyword
count
to count packets
processed by the filter.
byte
(OPTIONAL) Enter the keyword
byte
to count bytes
processed by the filter.
order
(OPTIONAL) Enter the keyword
order
to specify the QoS
priority for the ACL entry. The range is 0 to 254 (where 0 is
the highest priority and 254 is the lowest; lower order
numbers have a higher priority). If you do not use the
keyword
order
, the ACLs have the lowest order by default
(255).
240
Access Control Lists (ACL)