mac

ManualsBrandsip ManualsNetworkingipv6

361

362

363

364

365

366

367

368

369

370

367

<destination-host-ip> }}[d-port{ <port3> | range <dPortMin> <dPortMax> }]

[precedence <precedence> ] [tos <tos> ][time-range <time-range-name> ]

access-list <num> {deny|permit}{any-source-mac| {host-source-mac

<host_smac> }|{ <smac> <smac-mask> }}

{any-destination-mac|{host-destination-mac <host_dmac> }|{ <dmac>

<dmac-mask> }} {eigrp|gre|igrp|ip|ipinip|ospf|{ <protocol-num> }} {{ <source>

<source-wildcard> }|any-source|{host-source <source-host-ip> }} {{ <destination>

<destination-wildcard> }|any-destination| {host-destination <destination-host-ip> }}

[precedence <precedence> ] [tos <tos> ][time-range <time-range-name> ]

Functions: Define an extended numeric MAC-IP ACL rule, no command deletes a

extended numeric MAC-IP ACL access-list rule.

Parameters: num access-list serial No. this is a decimal‘s No. from 3100-3299; deny if

rules are matching, deny to access; permit if rules are matching, permit to access;

any-source-mac: any source MAC address; any-destination-mac: any destination MAC

address; host_smac , smac: source MAC address; smac-mask: mask (reverse mask) of

source MAC address ; host_dmac , dmas destination MAC address; dmac-mask mask

(reverse mask) of destination MAC address; protocol No. of name or IP protocol. It can

be a key word: eigrp, gre, icmp, igmp, igrp, ip, ipinip, ospf, tcp, or udp, or an integer from

0-255 of list No. of IP address. Use key word ‗ip‘ to match all Internet protocols (including

ICMP, TCP, AND UDP) list; source-host-ip, source No. of source network or source

host of packet delivery. Numbers of 32-bit binary system with dotted decimal notation

expression; host: means the address is the IP address of source host, otherwise the IP

address of network; source-wildcard: reverse of source IP. Numbers of 32-bit binary

system expressed by decimal‘s numbers with four-point separated, reverse mask;

destination-host-ip, destination No. of destination network or host to which packets are

delivered. Numbers of 32-bit binary system with dotted decimal notation expression; host:

means the address is the that the destination host address, otherwise the network IP

address; destination-wildcard: mask of destination. I Numbers of 32-bit binary system

expressed by decimal‘s numbers with four-point separated, reverse mask;

s-port(optional): means the need to match TCP/UDP source port; port1(optional): value

of TCP/UDP source interface No., Interface No. is an integer from 0-65535;

d-port(optional): means need to match TCP/UDP destination interface; <sPortMin>, the

down boundary of source port; <sPortMax>, the up boundary of source port;

port3(optional): value of TCP/UDP destination interface No., Interface No. is an integer

from 0-65535; <dPortMin>, the down boundary of destination port;<dPortMax>, the up

boundary of destination port; [ack] [fin] [psh] [rst] [urg] [syn],(optional) only for TCP

protocol, multi-choices of tag positions are available, and when TCP data reports the