3 permit – CANOGA PERKINS 9175 Command Reference User Manual
Page 593
33-2
None
Examples
This example shows how to create a filter in ARP ACL to deny ARP response packet whose sender IP
address is 10.10.25.1.
Switch(config-arp-acl)#deny response ip host 10.10.25.1 mac any log
This example shows how to create a filter in ARP ACL to deny ARP request packet whose sender MAC
address is 001A.A02C.A1DF.
Switch(config-arp-acl)#deny response ip any mac host 001A.A02C.A1DF log
Related Commands
no sequence-num
33.3 permit
Use this command to permit ARP packets when match this access-list.
Command Syntax
permit [request |response] ip {ip mask |any |host ip} mac {mac mask |any |host mac} [log]
[request |response]: specified ARP request or ARP response packets to match this
access-list.
When use neither of them, both ARP request and ARP response packets will be
matched.
ip mask: the IP address and its wildcard bits.
any: match all the sender IP address in packets.
host ip: only match the specified sender IP address.
mac mask: the MAC address and its wildcard bits.
any: match all sender MAC address in packets.
host mac: only match the specified sender MAC address.
[log]: add to logs when match the access-list.
Command Mode
ARP ACL configuration
Usage
None
Examples
This example shows how to create a filter in ARP ACL to permit ARP response whose sender IP
address is 10.10.25.1.
Switch(config-arp-acl)#permit response ip host 10.10.25.1 mac any log
This example shows how to create a filter in ARP ACL to permit ARP response whose sender MAC
address is 001A.A02C.A1DF.
Switch(config-arp-acl)#permit response ip any mac host 001A.A02C.A1DF log
This example shows how to create a filter in ARP ACL to permit all the ARP packets.
CanogaOS Command Reference