296 ACL Commandsdeny | permit (Mac-Access-List-Configuration)Use the deny command in Mac-Access-List Configuration mode to denytraffic if the conditions defined in the deny statement are matched. Use thepermit command in Mac-Access-List Configuration mode to allow traffic ifthe conditions defined in the permit statement are matched.Use this command in Mac-Access-List Configuration mode to create a newrule for the current MAC access list. Each rule is appended to the list ofconfigured rules for the list.The command is enhanced to accept the optional time-range parameter. Thetime-range parameter allows imposing a time limitation on the MAC ACLrule as defined by the parametertime-range-name. If a time range with thespecified name does not exist, and the MAC ACL containing this ACL rule isapplied to an interface or bound to a VLAN, then the ACL rule is appliedimmediately. If a time range with the specified name exists, and the MACACL containing this ACL rule is applied to an interface or bound to a VLAN,then the ACL rule is applied when the time-range with a specified namebecomes active. The ACL rule is removed when the time-range with aspecified name becomes inactive.Syntax{deny | permit} {{any |srcmac srcmacmask} {any | bpdu |dstmacdstmacmask}} [ethertypekey |0x0600-0xFFFF] vlan {eq0-4095}] [cos0-7][[log] [time-rangetime-range-name] [assign-queuequeue-id] [{mirror |redirect}interface-id]0x8809 Slow Protocols (IEEE 802.3)0x8870 Jumbo frames0x888E EAP over LAN (EAPOL – 802.1x)0x88CC Link Layer Discovery Protocol0x8906 Fibre Channel over Ethernet0x8914 FCoE Initialization Protocol0x9100 Q in QEthertype Protocol