ACL Commands
OL-32830-01 Command Line Interface Reference Guide 126
4
source port in another ACE. If a range of ports is used for a destination port in ACE
it is not counted again if it is also used for a destination port in another ACE.
If a range of ports is used for source port it is counted again if it is also used for
destination port.
If ace-priority is omitted, the system sets the rule's priority to the current highest
priority ACE (in the current ACL) + 20. The ACE-priority must be unique per ACL.If
the user types already existed priority, then the command is rejected.
Example
switchxxxxxx(config)# ipv6 access-list
server
switchxxxxxx(config-ipv6-al)# deny
tcp
3001::2/64
any
any
80
4.7 mac access-list
Use the mac access-list Global Configuration mode command to define a Layer 2
access list (ACL) based on source MAC address filtering and to place the device
in MAC Access-list Configuration mode. All commands after this command refer to
this ACL. The rules (ACEs) for this ACL are defined in the permit ( MAC ) and deny
(MAC) commands. The service-acl input command is used to attach this ACL to an
interface.
Use the no form of this command to remove the access list.
Syntax
mac access-list extended
acl-name
no mac access-list extended
acl-name
Parameters
acl-name—Specifies the name of the MAC ACL (Range: 1–32 characters).
Default Configuration
No MAC access list is defined.
Command Mode
Global Configuration mode
To Next Page
Loading...
Need help?
General