This is a new command that needs to be created to allow for the configuration of MAC-based access control lists.
Start quickly with the most recent versions of Word, Excel, PowerPoint, Outlook, OneNote and OneDrive —combining the familiarity of Office and the unique Mac features you love. Work online or offline, on your own or with others in real time—whatever works for what you’re doing. Private Internet Access for Mac. 2,061 downloads Updated: September 8, 2020 Demo. Review Free Download specifications 100% CLEAN report malware. Stay anonymous when browsing the web, unlock regional content restrictions, block ads, trackers and more, with this trustworthy VPN client.
Syntax
Configure a standard MAC Access Control List.
NAME-STR | The standard MAC ACL name. |
200-299 | The standard MAC ACL number. |
Standard MAC ACL Configuration
Description: Configure the standard MAC ACL to filter the packets based on the source MAC address. The standard MAC ACL number ranges from 200 to 299.
Syntax
Configure an extended MAC Access Control List.
NAME-STR | The extended MAC ACL name. |
300-399 | The extended MAC ACL number. |
Extended MAC ACL Configuration
Configure the extended MAC ACL to filter the packets based on the source MAC address, destination MAC address, ethertype, CoS priority, or VLAN number. The extended MAC ACL number ranges from 300 to 399.
Syntax
Renumber the sequence number of the rules in the MAC ACL specified.
<1-2147483647> | The sequence number assigned to the first rule of the specified MAC ACL. |
<1-2147483646> | The increment value that renumbers the subsequent rules in the specified MAC ACL. |
Resequencing MAC ACL
Description: Renumber the sequence number of the rules in the MAC ACL specified. The first rule receives the sequence number specified in the start-seq-num and the subsequent rule numbers increment per the increment value.
NOTE: Similar Command
|
This command is used to configure MAC ACL with a simplified configuration. A simplified configuration provides a way to easily configure MAC ACLs that only require matching on a source MAC address.
Syntax
[no]SEQ-NUMpermit|denyany|host SRC-MAC|SRC-MAC-MASKlog
permit | Packets matching the specified Ethernet header information. |
deny | Packets matching the specified Ethernet header information. |
any | Match the packets with any source MAC address. |
host | Match the packets with the specified source MAC address. |
SRC-MAC | Match the packets belonging to the specified source MAC address range. |
SRC-MAC-MASK | The MAC address group mask. |
log | Log a debug message when the MAC ACL rule is hit. |
NOTE: Similar Command
|
Syntax
Add a comment for the MAC ACL rule specified. The maximum comment length is 100 characters.
Syntax
[no]SEQ-NUMpermit|denyany|host SRC-MAC|SRC-MAC SRC-MAC-MASKany|host DST-MAC|DST-MAC DST-MAC-MASKany| logETHERTYPEcos COS
Used to configure an extended MAC ACL. The extended capabilities allow for matching on source MAC address, destination Mac address, EtherType, CoS, and VLAN. The VLAN value is only applicable when the MAC ACL is applied to a port or trunk interface.
permit | Packets matching the specified Ethernet Header information. |
deny | Packets matching the specified Ethernet Header information. |
any | Match packets with any source/destination MAC address. |
host | Match packets with the specified source/destination MAC address. |
SRC-MAC | Match packets belonging to the specified source/destination MAC address range. |
SRC-MAC-MASK | The source MAC address group mask. |
DST-MAC-MASK | The destination MAC address group mask. |
<0x600-0xFFFF> | Match a specific EtherType protocol. |
aarp | AppleTalk Address Resolution Protocol (AARP) |
appletalk | AppleTalk/EtherTalk |
arp | Address Resolution Protocol (ARP) |
fcoe | Fibre Channel over Ethernet |
fcoe-init | Fibre Channel over Ethernet Initialization |
lldp | Link Layer Discovery Protocol |
ip | Internet Protocol Version 4 |
ipv6 | Internet Protocol Version 6 |
ipx-arpa | IPX Advanced Research Projects Agency (ARPA) |
ipx-non-arpa | IPX non-ARPA |
is-is | Intermediate System to Intermediate System |
mpls-unicast | MPLS Unicast |
mpls-multicast | MPLS Multicast |
q-in-q | IEEE 802.1ad encapsulation |
rbridge | RBridge Channel Protocol |
trill | IETF TRILL protocol |
wake-on-lan | Wake on LAN |
log | Log a debug message when the MAC ACL rule is hit. |
cos | Match packets with a specified 802.1Q Priority Code Point value. |
vlan | Match packets with the specified VLAN value. |
VLAN-ID | Match packets with the specified VLAN value. |
<0-7> | Match packets with a specified 802.1Q Priority Code Point value. |
NOTE: Similar Command
|
The remark command allows for the insertion of a string at the specified sequence number. The remark will consume the sequence number where it is specified and will remain in proper order if the list is resequenced. The remark ability provides a way of tracking notes inside the given ACL but they do not affect the behavior of the ACL.
Syntax
Add a comment for the MAC ACL or MAC ACL rule specified. The maximum comment length is 100 characters.
This command is used to apply a MAC ACL to an interface.
Syntax
Apply a MAC ACL to traffic on a port. A standard or extended MAC ACL filters packets based on the source MAC address, destination MAC address, ethertype, CoS, or VLAN.
ASCII-STR | The MAC ACL name. |
in | Apply MAC ACL on the inbound packets. |
NOTE: Similar command
|
This command is used to apply a MAC ACL to a VLAN .
Syntax
Apply a MAC ACL to traffic on a VLAN. A standard or extended MAC ACL filters packets based on the source MAC address, destination MAC address, ethertype, CoS, or VLAN.
ASCII-STR | The MAC ACL name. |
in | Apply MAC ACL on the inbound packets. |
NOTE: Similar command
|
Syntax
show access-list ACL-NAME-STRconfig|config|ports|radius|resources|tunnelTUNNEL-ID|vlan VLAN-ID
Show access control list information. If no parameters are specified, a table of ACL information is displayed.
ACL-NAME-STR | Display detailed information about the specified ACL. |
config | Show all configured ACLs on the switch using the CLI syntax used to create them. |
ports | Show ACLs applied to the specified ports. |
radius | Display ACLs applied via RADIUS. |
resources | Display ACL resource usage and availability. |
tunnel | Show ACLs applied to the specified tunnel. |
vlan | Show ACLs applied to the specified VLAN. |
This command is used to display the details about a specific ACL.
Syntax
Show access-list 300
Show access-list 100
Syntax
Used to display a specific ACL as it would be shown in configuration.
mac-access-list
Syntax
Used to display the current ACLs that are applied to a specified port.
Show access-list
Syntax
Used to display the current ACLs that are applied to a specified VLAN.
VLAN-ID | Show ACLs applied to the specified VLAN. |
all | Show ACLs applied to all VLANs. |
Syntax
Used to display current resource usage and availability in the policy enforcement engine.
Show access-list resource
The hardware (TCAM) resources used by the ACLs configured on the switch is 4 of 8 Policy Engine management resources.
| Key | |
|---|---|
| ACL | Access Control Lists |
| QoS | Quality of Service |
| IDM | Identity Driven Management |
| VT | Virus Throttling |
| Mirror | Mirror Policies, Remote Intelligent Mirror endpoints |
| PBR | Policy Based Routing |
| Other | Management VLAN, DHCP Snooping, ARP Protection, Jumbo IP-MTU, Transparent Mode. |
Resource usage includes resources actually in use, or reserved for future use by the listed feature. Internal dedicated-purpose resources, such as port bandwidth limits or VLAN QoS priority, are not included.
The show statistics command will need to be updated to take a MAC parameter.
Syntax
Used to display hit counts for a given MAC ACL.
Access For Mac Database
mac | Display the statistics of MAC ACL. |
ACL-NAME-STR | The MAC ACL name. |
port | Show statistics for the specified port. |
[ethernet] PORT-NUM | The port on which the MAC ACL is applied. |
Access For The Mac
Syntax
show statistics mac ACL-NAME-STR vlan VLAN-IDin|out|vlan
vlan | Show statistics for the specified VLAN. |
VLAN-ID | The VLAN ID or VLAN name. |
in | Show statistics for MAC ACLs that are applied inbound. |
out | Show statistics for MAC ACLs that are applied outbound. |
show statistics mac superMac vlan 10 in
The clear statistics command will need to be updated to take a MAC parameter.
Syntax
Clear all the counters for the ACLs that match the criteria specified.
mac | Clear the statistics for MAC ACL. |
ACL-NAME-STR | The MAC ACL name or the MAC ACL number. |
port | Clear statistics for the specified port. |
[ethernet] PORT-NUM | The port from which the MAC ACL statistics is cleared. |
Syntax
clear statistics mac ACL-NAME-STRport PORT-NUM|VLAN VLAN-IDin|out|vlan
VLAN | Clear statistics for the specified VLAN. |
VLAN-ID | The VLAN ID or VLAN name. |
in | Clear statistics for inbound packets on the VLAN. |
out | Clear statistics for outbound packets on the VLAN. |
Microsoft Word For Mac
Clear statistics mac superMac