48.9 deny (MAC)
Use the deny command in MAC Access List Configuration mode to set deny
conditions (ACEs) for a MAC ACL.
Syntax
deny {any | source source-wildcard} {any | destination destination-wildcard} [{eth-type 0} | aarp | amber | dec-spanning | decnet-iv | diagnostic | dsm | etype-6000] [vlan vlan-id] [cos cos cos-wildcard] [time-range time-range-name] [disable-port | log-input]
Parameters
• source—Source MAC address of the packet.
• source-wildcard—Wildcard bits to be applied to the source MAC address. Use ones in the bit position that you want to be ignored.
• destination—Destination MAC address of the packet.
• destination-wildcard—Wildcard bits to be applied to the destination MAC address. Use 1s in the bit position that you want to be ignored.
• eth-type—The Ethernet type in hexadecimal format of the packet.
• vlan-id—The VLAN ID of the packet. (Range: 1–4094)
• cos—The Class of Service of the packet. (Range: 0–7)
• cos-wildcard—Wildcard bits to be applied to the CoS.
• time-range-name—Name of the time range that applies to this permit statement. (Range: 1–32)
• disable-port—The Ethernet interface is disabled if the condition is matched.
• log-input—Sends an informational syslog message about the packet that matches the entry. Because forwarding is done in hardware and logging is done in software, if a large number of packets match a deny ACE containing a log-input keyword, the software might not be able to match the hardware processing rate, and not all packets will be logged.
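The wildcard parameters above work the opposite way from a netmask: a 1 bit is ignored and a 0 bit must match. The following Python model is an added example, not part of the reference guide or the switch software; it shows how a deny ACE's source, destination, VLAN and CoS conditions select frames. The class and function names, the colon-separated address notation and the sample addresses are assumptions made for illustration.

```python
# Added example (not from the reference guide): a simplified model of how one
# MAC deny ACE is matched. All names and sample addresses are constructed.
from dataclasses import dataclass
from typing import Optional

def mac_to_int(mac: str) -> int:
    """Parse colon-separated hex (assumed notation) into a 48-bit integer."""
    octets = [int(o, 16) for o in mac.split(":")]
    if len(octets) != 6 or any(not 0 <= o <= 0xFF for o in octets):
        raise ValueError(f"not a MAC address: {mac!r}")
    return int.from_bytes(bytes(octets), "big")

def field_matches(value: int, pattern: int, wildcard: int, width: int) -> bool:
    """Wildcard bits set to 1 are ignored; bits set to 0 must be equal."""
    care = ~wildcard & ((1 << width) - 1)
    return (value & care) == (pattern & care)

@dataclass
class DenyAce:
    src: Optional[str] = None          # None models the 'any' keyword
    src_wild: str = "00:00:00:00:00:00"
    dst: Optional[str] = None
    dst_wild: str = "00:00:00:00:00:00"
    vlan: Optional[int] = None         # omitted means any VLAN (assumption)
    cos: Optional[int] = None
    cos_wild: int = 0

    def matches(self, src: str, dst: str, vlan: int, cos: int) -> bool:
        """True when the frame meets every condition in this ACE."""
        for addr, pat, wild in ((src, self.src, self.src_wild),
                                (dst, self.dst, self.dst_wild)):
            if pat is not None and not field_matches(
                    mac_to_int(addr), mac_to_int(pat), mac_to_int(wild), 48):
                return False
        if self.vlan is not None and vlan != self.vlan:
            return False
        if self.cos is not None and not field_matches(cos, self.cos, self.cos_wild, 3):
            return False
        return True

# Intended rule: deny every source in the 00:1b:54 vendor block on VLAN 10.
BY_OUI = DenyAce(src="00:1b:54:00:00:00", src_wild="00:00:00:ff:ff:ff", vlan=10)
# Same rule with the wildcard written like a netmask: the vendor bits are now
# ignored and the low 24 bits must be zero, so the rule misses its target.
INVERTED = DenyAce(src="00:1b:54:00:00:00", src_wild="ff:ff:ff:00:00:00", vlan=10)
# CoS 4 with wildcard 3 ignores the two low bits, covering CoS 4 through 7.
HIGH_COS = DenyAce(cos=4, cos_wild=3)

if __name__ == "__main__":
    frame = ("00:1b:54:aa:bb:cc", "ff:ff:ff:ff:ff:ff", 10, 0)
    print("by OUI:", BY_OUI.matches(*frame), "inverted:", INVERTED.matches(*frame))
```

Running candidate wildcard values through a model like this before applying an ACL catches an inverted mask, which would otherwise deny unrelated hosts while leaving the intended ones untouched.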
Default Configuration
No MAC access list is defined.
78-21075-01 Command Line Interface Reference Guide
ACL Commands