ACL Commands
deny (MAC)
Cisco 220 Series Smart Plus Switches Command Line Interface Reference Guide Release 1.0.0.x
To set deny conditions (conditions are also known as access control entries
[ACEs]) for a MAC-based ACL, use the deny MAC Access-List Configuration mode
command.
To remove a MAC-based ACE, use the no sequence command.
Syntax
source source-wildcard
deny {any |
vlan-id
cos cos-wildcard
] [cos
value
no sequence
Parameters
•
any—Any source or destination MAC address of the packet.
source
•
—Source MAC address of the packet.
•
source-wildcard
destination
•
—Destination MAC address of the packet.
destination-wildcard
•
address.
vlan-id
•
vlan
—(Optional) Specifies the VLAN ID of the packet. (Range: 1 to
4094)
•
cos
cos
—(Optional) Specifies the CoS value of the packet. (Range: 0 to 7)
cos-wildcard
•
—(Optional) Wildcard bits to be applied to the CoS value.
value
•
ethtype
—(Optional) Specifies the Ethernet type in hexadecimal
format of the packet.
destination destination-wildcard
} {any |
value
] [ethtype
—Wildcard bits to be applied to the source MAC address.
—Wildcard bits to be applied to the destination MAC
] [disable-port]
4
} [vlan
67