Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual
Page 932
920
Brocade Mobility RFS Controller CLI Reference Guide
53-1003098-01
12
disable [deny|permit] [<SOURCE-MAC> <SOURCE-MAC-MASK>|any|host
<SOURCE-HOST-MAC>]
[<DEST-MAC> <DEST-MAC-MASK>|any|host <DEST-HOST-MAC>] (dot1p
<0-7>,type [8021q|
<1-65535>|aarp|appletalk|arp|ip|ipv6|ipx|mint|rarp|wisp],vlan
<1-4095>) log
(rule-recedence <1-5000>) {(rule-description <LINE>)}
Parameters
disable [deny|permit] [<SOURCE-MAC> <SOURCE-MAC-MASK>|any|host
<SOURCE-HOST-MAC>]
[<DEST-MAC> <DEST-MAC-MASK>|any|host <DEST-HOST-MAC>] (dot1p <0-7>,type
[8021q|
<1-65535>|aarp|appletalk|arp|ip|ipv6|ipx|mint|rarp|wisp],vlan <1-4095>) log
(rule-recedence <1-5000>) {(rule-description <LINE>)}
Example
The following example shows the MAC access list ‘test’ settings before the
‘disable’ command is executed:
disable [deny|permit]
Disables a deny or permit access rule without removing it from the MAC ACL
Provide the exact values used to configure the deny or permit rule that is to be disabled.
<SOURCE-MAC>
<SOURCE-MAC-MASK>
Specifies the source MAC address and mask to match
•
<SOURCE-MAC> – Specify the source MAC address to match.
•
<SOURCE-MAC-MASK> – Specify the source MAC address mask.
any
Select ‘any’ if the rule is applicable to any source MAC address
host
<SOURCE-HOST-MAC>
Specify the source host’s exact MAC address
<DEST-MAC>
<DEST-MAC-MASK>
Specifies the destination MAC address and mask to match
•
<DEST-MAC> – Specify the destination MAC address.
•
<DEST-MAC-MASK> – Specify the destination MAC address mask.
any
Select ‘any’ if the rule is applicable to any destination MAC address
host
<DEST-HOST-MAC>
Specify the destination host’s exact MAC address
log
The following keyword defines the action taken when a packet matches any or all of the above specified
criteria
•
log – Logs a record. when a packet matches the specified criteria
dotp1p <0-7>
Specify the 802.1p priority from 0 - 7.
type
[8021q|<1-65535>|
aarp|appletalk|
arp|ip|ipv6|ipx|mint|
rarp|wisp]
Use the available options to specify the EtherType value.
vlan <1-4095>
Specify the VLAN ID(s)
log
Select log, if the rule has been configured to log records in case of a match.
rule-precedence
<1-5000>
{(rule-description
<LINE>)}
The following keywords are recursive and common to all of the above parameters:
•
rule-precedence – Provide the precedence assigned to this deny or permit rule.
•
<1-5000> – Specify a value from 1 - 5000. The rule with the specified precedence is removed form
the MAC ACL.
•
rule-description <LINE> – Optional. Enter the description configured for this deny or permit rule.