Disable – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 931
Brocade Mobility RFS Controller CLI Reference Guide
919
53-1003098-01
12
The last ACE in the access list is an implicit deny statement. Whenever the interface receives the
packet, its content is checked against all the ACEs in the ACL. It is allowed or denied based on the
ACL’s configuration.
Example
rfs4000-229D58(config-mac-acl-test)#deny 41-85-45-89-66-77 ff-ff-ff-00-00-00
any
vlan 1 rule-precedence 1
rfs4000-229D58(config-mac-acl-test)#
rfs4000-229D58(config-mac-acl-test)#deny host 00-01-ae-00-22-11 any
rule-precedence 2
rfs4000-229D58(config-mac-acl-test)#
rfs4000-229D58(config-mac-acl-test)#show context
mac access-list test
deny 41-85-45-89-66-77 FF-FF-FF-00-00-00 any vlan 1 rule-precedence 1
deny host 00-01-AE-00-22-11 any rule-precedence 2
rfs4000-229D58(config-mac-acl-test)#
The MAC ACL (in the example below) denies traffic from any source MAC address to a particular
host MAC address:
rfs7000-37FABE(config-mac-acl-test)#
deny any host 00:01:ae:00:22:11
rfs7000-37FABE(config-mac-acl-test)#
The following example denies traffic between two hosts based on MAC addresses:
rfs7000-37FABE(config-mac-acl-test)#
deny host 01:02:fe:45:76:89 host
01:02:89:78:78:45
rfs7000-37FABE(config-mac-acl-test)#
Related Commands:
disable
Disables a MAC deny or permit rule without removing it from the ACL. A disabled rule is inactive and
is not used to filter packets.
Supported in the following platforms:
•
Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point
•
Wireless Controllers — Brocade Mobility RFS4000, Brocade Mobility RFS6000, Brocade
Mobility RFS7000
•
Service Platforms — Brocade Mobility RFS9510
Syntax:
Removes a specified MAC deny access rule