Manualshelf

Service Manual

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON
221222223224225226227228229230
deny
To drop packets that match the lter criteria, congure a lter.
Syntax
deny {any | host mac-address | mac-source-address mac-source-address-mask} {any
| host mac-address | mac-destination-address mac-destination-address-mask}
[ethertype-operator] [count [byte]] [log [interval minutes] [threshold-in-msgs
[count]] [monitor]
To remove this lter, you have two choices:
Use the no seq sequence-number command if you know the lter’s sequence number.
Use the no deny {any | host mac-address | mac-source-address mac-source-
address-mask} {any | host mac-address | mac-destination-address mac-
destination-address-mask} command.
Parameters
any Enter the keyword any to drop all packets.
host mac-address Enter the keyword host and then enter a MAC address to drop packets with that host
address.
mac-source-
address
Enter a MAC address in nn:nn:nn:nn:nn:nn format.
mac-source-
address-mask
Specify which bits in the MAC address must match.
The MAC ACL supports an inverse mask; therefore, a mask of ::::: allows entries
that do not match and a mask of 00:00:00:00:00:00 only allows entries that match
exactly.
mac-destination-
address
Enter the destination MAC address and mask in nn:nn:nn:nn:nn:nn format.
mac-destination-
address-mask
Specify which bits in the MAC address must match.
The MAC ACL supports an inverse mask; therefore, a mask of ::::: allows entries
that do not match and a mask of 00:00:00:00:00:00 only allows entries that match
exactly.
ethertype operator (OPTIONAL) To lter based on protocol type, enter one of the following Ethertypes:
ev2 - is the Ethernet II frame format
llc - is the IEEE 802.3 frame format
snap - is the IEEE 802.3 SNAP frame format
count (OPTIONAL) Enter the keyword count to count packets processed by the lter.
byte (OPTIONAL) Enter the keyword byte to count bytes processed by the lter.
log (OPTIONAL) Enter the keyword log to include ACL messages in the log.
threshold-in msgs
count
(OPTIONAL) Enter the threshold-in-msgs keyword followed by a value to indicate
the maximum number of ACL logs that can be generated, exceeding which the generation
of ACL logs is terminated with the seq, permit, or deny commands. The threshold
range is from 1 to 100.
226 Access Control Lists (ACL)