acl-mac-modify

This command is used to modify Access Control Lists (ACLs) based on MAC addresses.

Syntax   acl-mac-modify name name-string action permit|deny [src-mac mac-address] [src-mac-mask mac-address] [dst-mac mac-address] [dst-mac-mask mac-address] [ether-type ipv4|arp|wake|rarp|vlan|ipv6|mpls-uni|mpls-multi|jumbo|aoe|dot1X|lldp|ecp|macsec|ptp|fcoe|fcoe-init|qinq] [vnet vnet-name] [vlan vlan-id] [scope local|fabric] [port port-number]

name string

Specifies the name of the ACL.

action permit|deny

Specifies the permission of the ACL to be either permit or deny.

src-mac mac-address

Specifies the source MAC address of the ACL. The value can be any to match all MAC addresses

src-mac-mask mac-address

Specifies the source MAC address mask.

dst-mac mac-address

Specifies the destination MAC address of the ACL. The value can be any to match all MAC addresses.

dst-mac-mask mac-address

Specifies the destination MAC address mask.

ether-type ipv4|arp|wake|rarp|
vlan|ipv6|mpls-uni|
mpls-multi|jumbo|aoe|
dot1X|lldp|lacp|ecp|

macsec|ptp|fcoe|fcoe-init|qinq

Specifies the EtherType value.

vnet vnet-name

Specify the name of the VNET.

vlan vlan-id

Specifies the VLAN identifier.

scope local|fabric|cluster

Specifies the scope of the ACL.

port port-number

Specifies the switch port number.

Defaults   None

Access   CLI

History   

Version 1.2.1

Command introduced.

Version 2.4.1

The parameter, vnet, added.

Version 2.5.2

The parameter, scope local|fabric|cluster,deprecated.

Usage   MAC access control lists (ACLs) can be used to filter network traffic. This command modifies a new ACL.

Examples  This example shows how to modify a fabric-wide ACL named MyMacACL allowing IPv4 traffic from the host with the MAC address e0:f8:47:14:3c:2e to any host.

CLI network-admin@switch > mac-acl-modify name MyMacACL action permit scope fabric src e0:f8:47:14:3c:2e dst any type ipv4

See Also   

acl-mac-delete

acl-mac-modify

acl-mac-show