Use this command to define a named access control list (ACL) that determines whether to accept or drop the ARP packets, based on the ARP request or response option configured.

An ACL is made up of one or more ACL specifications. You can repeat this command and add multiple specifications. Each time you give this command, the specification is added to the end of the list.

Each packet that arrives at the device is compared to each specification in each ACL in the order that they are defined. The device continues to look until it has a match. If no match is found and the device reaches the end of the list, the packet is denied. For this reason, place the most frequently occurring specifications at the top of the list.

The device stops checking the specifications after a match occurs.

There is an implied deny specification for traffic that is not permitted. A single-entry ACL with only one deny specification is the same as denying all traffic. You must have at least one permit specification in an ACL or all traffic is blocked.

Use the no form of this command to remove an ACL specification.

Configure mode

This command was introduced in OcNOS version 3.0.