I'm new to scripting and creating acl files and need help with denying a device from broadcasting mdns on udp port 5353. Also, can the address be a mac address instead of ip? We have the ip address but it's mac address is referenced in logs and scans on our network. The device is being seen as a access point but it's our phone system. Also, should the acl be applied on all switches including the core switch?