Users Guide
ip access-list mac
ip access-list mac {<number>|<name>}
deny {<macaddr>[<wildcard>]|any|host <macaddr>} [mirror]
no ...
permit {<macaddr>[<wildcard>]|any|host <macaddr>} [mirror]
Description
This command configures a MAC access control list (ACL).
Syntax
Parameter Description Range
mac
Configures a MAC access list. Enter a name, or a number in the
specified range.
700-799, 1200-
1299
deny
Reject the specified packets, which can be the following:
MAC address and optional wildcard
any: any packets
host: specify a MAC address
Optionally, you can configure the mirror parameter, which mirrors
packets to a datapath or remote destination.
—
no
Negates any configured parameter. —
permit
Allow the specified packets, which can be the following:
MAC address and optional wildcard
any: any packets
host: specify a MAC address
Optionally, you can configure the mirror parameter, which mirrors
packets to a datapath or remote destination.
—
Usage Guidelines
MAC ACLs allow filtering of non-IP traffic. This ACL filters on a specific source MAC address or range of MAC
addresses.
If you configure the mirror option, define the destination to which mirrored packets are sent in the firewall
policy. For more information, see firewall on page 389.
Example
The following command configures a MAC ACL:
(host) (config) #ip access-list mac 700
deny 11:11:11:00:00:00
Dell Networking W-Series ArubaOS 6.4.x | User Guide ip access-list mac | 504