1 mac access-list extended, 1 no mac access-list extended, 2 mac access-list extended rename – Kontron AT8404 CLI User Manual

AT8404

Quality of Service (QoS) Commands

Page 3 - 27

AT8404 CLI Reference Manual

3.7.1

mac access-list extended

This command creates a MAC Access Control List (ACL) identified by <name>, consisting of classification fields
defined for the Layer 2 header of an Ethernet frame. The <name> parameter is a case-sensitive alphanumeric string
from 1 to 31 characters uniquely identifying the MAC access list.

If a MAC ACL by this name already exists, this command enters Mac-Access-List config mode to allow updating the
existing MAC ACL.

3.7.1.1

no mac access-list extended

This command deletes a MAC ACL identified by <name> from the system.

3.7.2

mac access-list extended rename

This command changes the name of a MAC Access Control List (ACL). The <name> parameter is the name of an
existing MAC ACL. The <newname> parameter is a case-sensitive alphanumeric string from 1 to 31 characters
uniquely identifying the MAC access list.

This command fails if a MAC ACL by the name <newname> already exists.

3.7.3

{deny | permit} (MAC ACL)

This command creates a new rule for the current MAC access list. Each rule is appended to the list of configured
rules for the list.

Note: The CLI mode changes to Mac-Access-List Config mode when you successfully execute this
command.

Format

mac access-list extended <name>

Mode

Global Config

Format

no mac access-list extended <name>

Mode

Global Config

Format

mac access-list extended rename <name> <newname>

Mode

Global Config

Note: The 'no' form of this command is not supported, since the rules within a MAC ACL cannot be
deleted individually. Rather, the entire MAC ACL must be deleted and re-specified.

Note: An implicit 'deny all' MAC rule always terminates the access list.

Note: For BCM5630x and BCM5650x based systems, assign-queue, redirect, and mirror attributes are
configurable for a deny rule, but they have no operational effect.