Setting value
Description
HHHH.HHHH.HHHH
WWWW.WWWW.WWWW
Specifies the MAC address
(HHHH.HHHH.HHHH) with wildcard bits
(WWWW.WWWW.WWWW)
host HHHH.HHHH.HHHH
Specifies an individual MAC address
(HHHH.HHHH.HHHH)
any
Applies to all MAC addresses
[Initial value]
none
[Input mode]
global configuration mode
[Description]
Generates a MAC access list.
Multiple conditions (maximum 39) can be specified for the generated access list.
To apply the generated access list, execute the
access-group
command in interface mode.
If the "no" syntax is used to specify "action" and following, the MAC access list that matches all conditions is deleted.
If the "no" syntax is used without specifying "action" and following, the MAC access list of the matching access ID is deleted.
[Note]
An access list that is applied to a LAN/SFP port cannot be deleted using the "no" syntax. You must first cancel the application,
and then delete the access list.
"W" and "H" represent a single character from the range 0-9, a-f, and A-F.
[Example]
Create MAC access list #2001 which denies frames from MAC address 00-A0-DE-12-34-56.
SWR2311P(config)#access-list 2001 deny mac 00A0.DE12.3456 0000.0000.0000 any
Delete MAC access list #2001.
SWR2311P(config)#no access-list 2001
9.1.8 Add comment to MAC access list
[Syntax]
access-list
mac-acl-id
description
line
no
access-list
mac-acl-id
description
[Parameter]
mac-acl-id
:
<2001-3000>
ID of MAC access list to which a comment will be added
line
:
Comment to add. Up to 32 ASCII characters can be specified
[Initial value]
none
[Input mode]
global configuration mode
[Description]
Adds a comment (remark) to the already-generated MAC access list.
If this is executed with the "no" syntax, the comment is deleted from the MAC access list.
[Note]
You can use this command to add a comment even after the access list has been applied to the LAN/SFP port. (The last-written
comment overwrites the previous one.)
222
| Command Reference | Traffic control