ACCESS-LISTS - NON ROUTABLE PROTOCOLS Key Commands Shows and Debugs Extended MAC access lists Access-list 1101 deny 1111.2222.3333 0000.0000.0000 2222.3333.4444 0000.0000.0000 access-list 1101 permit 0000.0000.0000 FFFF.FFFF.FFFF 0000.0000.0000 FFFF.FFFF.FFFF ! interface ethernet bridge-group input-pattern-list 1101 bridge-group output-pattern-list 1101 Show access-expression Debug access-expression Show access-list or on Token ring: interface tokenring source-bridge output-pattern-list 1101 source-bridge input-pattern-list 1101 Additional Commands For standard MAC access lists: Access-list 701 deny 1111.2222.3333 0000.0000.0000 Access-list 701 permit 0000.0000.0000 FFFF.FFFF.FFFF ! interface ethernet bridge-group output-address-list 701 bridge-group input-address-list 701 interface tokenring source-bridge input-address-list 701 source-bridge output-address-list 701 FOR DLSW: The access-list is placed on the remote-peer statement dlsw remote-peer tcp 10.1.1.1 dmac-output-list 701 LSAP address access-lists Grouped by pair of source and destination LSAP: 0xF0F0 is F0 source to S0 destination Access-list 201 deny 0xF0F0 0x0 .. .ACCESS- LISTS - NON ROUTABLE PROTOCOLS Key Commands Shows and Debugs NetBIOS access lists Does not have an access- list number range! Netbios access- list host MyList deny NetBiosName Netbios access- list... tokenring Netbios output -access- filter host MyList Netbios input -access- filter host MyList Additional Commands Access Expressions Combines netbios, lsap and mac access lists Can use: Lsap(200)... Dmac(700) Netbios-host(netbios access list name) With the above lists: Access- expression in lsap(201) | (lsap(200) & dmac(701)) On token ring: Interface tokenring Access- expression in expression