Accton Technology ES5508 Switch User Manual


 
Command Line Interface
4-104
4
access-list mac mask-precedence
This command changes to MAC Mask mode used to configure access control
masks. Use the no form to delete the mask table.
Syntax
[no] access-list ip mask-precedence {in | out}
in – Ingress mask for ingress ACLs.
out – Egress mask for egress ACLs.
Default Setting
Default system mask: Filter inbound packets according to specified MAC ACLs.
Command Mode
Global Configuration
Command Usage
You must configure a mask for an ACL rule before you can bind it to a port or
set the queue or frame priorities associated with the rule.
A mask can only be used by all ingress ACLs or all egress ACLs.
The precedence of the ACL rules applied to a packet is not determined by
order of the rules, but instead by the order of the masks; i.e., the first mask
that matches a rule will determine the rule that is applied to a packet.
Example
Related Commands
mask (MAC ACL) (4-104)
mac access-group (4-107)
mask (MAC ACL)
This command defines a mask for MAC ACLs. This mask defines the fields to check
in the packet header. Use the no form to remove a mask.
Syntax
[no] mask [pktformat]
{any | host | source-bitmask} {any | host | destination-bitmask}
[vid [vid-bitmask]] [ethertype [ethertype-bitmask]]
pktformat – Check the packet format field. (If this keyword must be used in
the mask, the packet format must be specified in ACL rule to match.)
any – Any address will be matched.
host – The address must be for a single node.
source-bitmask – Source address of rule must match this bitmask.
destination-bitmask – Destination address of rule must match this bitmask.
vid – Check the VLAN ID field.
Console(config)#access-list mac mask-precedence in
Console(config-mac-mask-acl)#