mac

Configures, modifies, or retrieves MAC access list.

Resource URIs

URI Description
<base_URI>/config/running/mac MAC access list.
<base_URI>/config/running/mac/access-list/standard Standard MAC ACL.
<base_URI>/config/running/mac/access-list/standard/{ACL-name}/seq Sequence number.
<base_URI>/config/running/mac/access-list/extended Extended IP ACL.
<base_URI>/config/running/mac/access-list/extended/{ACL-name}/seq Sequence number.
GET URIs Description
<base_URI>/config/running/mac/access-list/standard/{name}/seq/{seq-id}/srchost Displays source host for a standard MAC ACL.
<base_URI>/config/running/mac/access-list/standard/{name}/seq/{seq-id}/src-mac-addr-mask Displays the source MAC address and the comparison mask for a standard MAC ACL.
<base_URI>/config/running/mac/access-list/standard/{name}/seq/{seq-id}/count Displays statistics for the rule for a standard MAC ACL.
<base_URI>/config/running/mac/access-list/standard/{name}/seq/{seq-id}/log Displays inbound logging for the rule for a standard MAC ACL.
<base_URI>/config/running/mac/access-list/standard/{name}/seq/{seq-id}/copy-sflow Displays copy sflow status.
<base_URI>/config//{name}/seq/{seq-id}/dst Displays the destination MAC address for a standard MAC ACL.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/dst-mac-addr-mask Displays the source MAC address and the comparison mask for an extended MAC ACL.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/ethertype Displays the ethertype for an extended MAC ACL.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/vlan Displays the VLAN interface to which the ACL is bound.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/pcp Displays Filters by PCP priority value.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/pcp-force Displays pcp force status.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/drop-precedence-force Displays whether trap behavior for control frames is overridden.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/count Displays statistics for the rule for a standard MAC ACL.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/log Displays inbound logging for the rule for a standard MAC ACL.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/mirror Displays whether mirror is enabled. Supported for rules in ACLs applied on physical interfaces to inbound traffic.
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}/copy-sflow Displays copy sflow status. Supported for incoming traffic.
POST URIs Payload Description
<base_URI>/config/running/mac/access-list <standard><name>{req_val}</name></standard> Creates a standard MAC access control list (ACL).
<base_URI>/config/running/mac/access-list/standard/{name} <seq><seq-id>{req_val}</seq-id><action>{enumeration}</action><source>{enumeration}</source></seq> Configures a standard MAC ACL.
<base_URI>/config/running/mac/access-list <extended><name>{req_val}</name></extended> Creates an extended MAC access control list (ACL).
<base_URI>/config/running/mac/access-list/extended/{name} <seq><seq-id>{req_val}</seq-id><action>{enumeration}</action><source>{enumeration}</source><srchost>{mac-address-type}</srchost><src-mac-addr-mask>{src-dst-mac-address-mask-type}</src-mac-addr-mask><dst>{enumeration}</dst></seq> Configures an extended MAC ACL.
DELETE URIs
<base_URI>/config/running/mac/access-list/standard/{name}
<base_URI>/config/running/mac/access-list/standard/{name}/seq/{seq-id}
<base_URI>/config/running/mac/access-list/extended/{name}
<base_URI>/config/running/mac/access-list/extended/{name}/seq/{seq-id}

Parameters

name
Specifies the MAC access list name.
seq
Configure the sequence number.
seq-id
Specifies the sequence ID.
action
Specifies the action to be performed. Supported actions are deny, hard-drop, and permit. Configuring deny drops traffic. Configuring hard-drop force drops traffic. Configuring permit allows traffic
source
Specifies the source details.
dst
Specifies details on the destination.
dsthost
Specifies the destination host.
ethertype
Filters extended ACLs traffic based on ethertype.
vlan
Specifies the VLAN number.
log
Enables log.
count
Displays the count of forwarding entries.
srchost
Specifies the source host.

Usage Guidelines

GET, POST, DELETE, OPTIONS, and HEAD operations are supported.

Examples

URI

The following example uses the GET option to retrieve the configuration details.

http://host:80/rest/config/running/mac

None 

<mac xmlns="urn:brocade.com:mgmt:brocade-mac-access-list" xmlns:y="http://brocade.com/ns/rest" y:self="/rest/config/running/mac">
  <access-list y:self="/rest/config/running/mac/access-list">
    <standard y:self="/rest/config/running/mac/access-list/standard/TEST_ACL">
      <name>TEST_ACL</name>
      <seq y:self="/rest/config/running/mac/access-list/standard/TEST_ACL/seq/3">
        <seq-id>3</seq-id>
        <action>hard-drop</action>
        <source>any</source>
      </seq>
      <seq y:self="/rest/config/running/mac/access-list/standard/TEST_ACL/seq/199">
        <seq-id>199</seq-id>
        <action>deny</action>
        <source>any</source>
      </seq>
    </standard>
    <standard y:self="/rest/config/running/mac/access-list/standard/acl2">
      <name>acl2</name>
    </standard>
    <standard y:self="/rest/config/running/mac/access-list/standard/stdmac">
      <name>stdmac</name>
    </standard>
    <extended y:self="/rest/config/running/mac/access-list/extended/MM">
      <name>MM</name>
  </extended>
  <extended y:self="/rest/config/running/mac/access-list/extended/acl12">
      <name>acl12</name>
      <seq y:self="/rest/config/running/mac/access-list/extended/acl12/seq/10">
        <seq-id>10</seq-id>
        <action>permit</action>
        <source>any</source>
        <dst>host</dst>
        <dsthost>0011.2222.2233</dsthost>
        <ethertype>arp</ethertype>
        <vlan>300</vlan>
        <log>true</log>
      </seq>
    </extended>
    <extended y:self="/rest/config/running/mac/access-list/extended/acl4">
      <name>acl4</name>
      <seq y:self="/rest/config/running/mac/access-list/extended/acl4/seq/10">
        <seq-id>10</seq-id>
        <action>deny</action>
        <source>any</source>
        <dst>any</dst>
        <ethertype>arp</ethertype>
        <count>true</count>
      </seq>
    </extended>
    <extended y:self="/rest/config/running/mac/access-list/extended/acl5">
      <name>acl5</name>
      <seq y:self="/rest/config/running/mac/access-list/extended/acl5/seq/10">
        <seq-id>10</seq-id>
        <action>permit</action>
        <source>any</source>
        <dst>any</dst>
        <vlan>100</vlan>
        <log>true</log>
      </seq>
      <seq y:self="/rest/config/running/mac/access-list/extended/acl5/seq/20">
        <seq-id>20</seq-id>
        <action>permit</action>
        <source>host</source>
        <srchost>0011.2222.3333</srchost>
        <dst>any</dst>
        <ethertype>arp</ethertype>
        <vlan>100</vlan>
        <count>true</count>
        <log>true</log>
      </seq>
    </extended>
    <extended y:self="/rest/config/running/mac/access-list/extended/mac-acl-lldp">
      <name>mac-acl-lldp</name>
      <seq y:self="/rest/config/running/mac/access-list/extended/mac-acl-lldp/seq/10">
        <seq-id>10</seq-id>
        <action>permit</action>
        <source>any</source>
        <dst>host</dst>
        <dsthost>0180.c200.000e</dsthost>
        <count>true</count>
      </seq>
    </extended>
  </access-list>
</mac>

URI

The following is an example of the POST operation to add a new access list name to the MAC access list.

http://host:80/rest/config/running/mac/access-list 

<standard>
  <name>test_API</name>
</standard>

None

URI

The following is an example of the DELETE operation to remove an extended access list from the MAC access list.

http://host:80/rest/config/running/mac/access-list/extended/acl2

None

None

9036681-01 Rev AA