Permit, deny (arp acl), Permit, deny (696), Permit, deny – Microsens MS453490M Management Guide User Manual

C

HAPTER

26

| Access Control Lists

ARP ACLs

– 696 –

permit, deny (ARP

ACL)

This command adds a rule to an ARP ACL. The rule filters packets matching

a specified source or destination address in ARP messages. Use the no

form to remove a rule.

S

YNTAX

[no] {permit | deny}

ip {any | host source-ip | source-ip ip-address-bitmask}

mac {any | host source-ip | source-ip ip-address-bitmask} [log]

This form indicates either request or response packets.

[no] {permit | deny} request

ip {any | host source-ip | source-ip ip-address-bitmask}

mac {any | host source-mac | source-mac mac-address-bitmask}

[log]

[no] {permit | deny} response

ip {any | host source-ip | source-ip ip-address-bitmask}

{any | host destination-ip | destination-ip ip-address-bitmask}

mac {any | host source-mac | source-mac mac-address-bitmask}

[any | host destination-mac | destination-mac mac-address-

bitmask] [log]
source-ip – Source IP address.
destination-ip – Destination IP address with bitmask.

ip-address-bitmask

11

– IPv4 number representing the address bits

to match.
source-mac – Source MAC address.
destination-mac – Destination MAC address range with bitmask.

mac-address-bitmask

11

– Bitmask for MAC address (in hexadecimal

format).
log - Logs a packet when it matches the access control entry.

D

EFAULT

S

ETTING

None

C

OMMAND

M

ODE

ARP ACL

C

OMMAND

U

SAGE

New rules are added to the end of the list.

11. For all bitmasks, binary “1” means care and “0” means ignore.