Service Manual
permit
To pass packets matching the criteria specied, congure a lter.
Syntax
permit {any | host mac-address | mac-source-address mac-source-address-
mask} {any | host mac-address | mac-destination-address mac-destination-
address-mask} [ethertype operator] [count [byte]] | [log] [monitor]
To remove this lter, you have two choices:
• Use the no seq sequence-number command if you know the lter’s sequence number.
•
Use the no permit {any | host mac-address | mac-source-address mac-source-
address-mask} {any | mac-destination-address mac-destination-address-
mask} command.
Parameters
any Enter the keyword any to forward all packets.
host Enter the keyword host then a MAC address to forward packets with that host
address.
mac-source-
address
Enter a MAC address in nn:nn:nn:nn:nn:nn format.
mac-source-
address-mask
(OPTIONAL) Specify which bits in the MAC address must match.
The MAC ACL supports an inverse mask; therefore, a mask of :::: : allows
entries that do not match and a mask of 00:00:00:00:00:00 only allows entries that
match exactly.
mac-destination-
address
Enter the destination MAC address and mask in nn:nn:nn:nn:nn:nn format.
mac-destination-
address-mask
Specify which bits in the MAC address must be matched.
The MAC ACL supports an inverse mask; therefore, a mask of :::: : allows
entries that do not match and a mask of 00:00:00:00:00:00 only allows entries that
match exactly.
ethertype operator (OPTIONAL) To lter based on protocol type, enter one of the following
Ethertypes:
• ev2 - is the Ethernet II frame format
• llc - is the IEEE 802.3 frame format
•
snap - is the IEEE 802.3 SNAP frame format
count (OPTIONAL) Enter the keyword count to count packets the lter processes.
byte (OPTIONAL) Enter the keyword byte to count bytes the lter processes.
log (OPTIONAL, E-Series only) Enter the keyword log to log the packets.
monitor (OPTIONAL) Enter the keyword monitor when the rule is describing the trac
that you want to monitor and the ACL in which you are creating the rule is applied
to the monitored interface.
236
Access Control Lists (ACL)