ACL Commands
Cisco Sx350 Ph. 2.2.5 Devices - Command Line Interface Reference Guide
hardware and logging is done in software, if a large number of packets
match an ACE containing a log-input keyword, the software might not be
able to match the hardware processing rate, and not all packets will be
logged.
Default Configuration
No MAC access list is defined.
Command Mode
MAC Access-list Configuration mode
User Guidelines
A MAC ACL is defined by a unique name. IPv4 ACL, IPv6 ACL, MAC ACL or policy
maps cannot have the same name
If ace-priority is omitted, the system sets the rule's priority to the current highest
priority ACE (in the current ACL) + 20. The ACE-priority must be unique per ACL.If
the user types already existed priority, then the command is rejected.
Example
switchxxxxxx(config)# mac access-list extended server1
switchxxxxxx(config-mac-al)# deny 00:00:00:00:00:01 00:00:00:00:00:ff any
2.10 service-acl input
Use the service-acl input command in Interface Configuration mode to bind an
access list(s) (ACL) to an interface.
Use the no form of this command to remove all ACLs from the interface.
Syntax
sevice-acl input acl-name1 [
no service-acl input
Parameters
•
acl-name
—Specifies an ACL to apply to the interface. See the user
guidelines. (Range: 1–32 characters).
acl-name2
] [default-action {deny-any | permit-any}]
2
66