Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON
351352353354355356357358359360
Version Description
9.3(0.0) Added support for logging of ACLs on the S4810, S4820T, and
Z9000 platforms.
Usage Information
When the configured maximum threshold is exceeded, generation of logs is stopped.
When the interval at which ACL logs are configured to be recorded expires, the
subsequent, fresh interval timer is started and the packet count for that new interval
commences from zero. If ACL logging was stopped previously because the configured
threshold is exceeded, it is re-enabled for this new interval.
If ACL logging is stopped because the configured threshold is exceeded, it is re-
enabled after the logging interval period elapses. ACL logging is supported for standard
and extended IPv4 ACLs, IPv6 ACLs, and MAC ACLs. You can configure ACL logging
only on ACLs that are applied to ingress interfaces; you cannot enable logging for ACLs
that are associated with egress interfaces.
Related
Commands
deny — assign a filter to deny IP traffic.
deny tcp — assign a filter to deny TCP traffic.
deny arp (for Extended MAC ACLs)
Configure an egress filter that drops ARP packets on egress ACL supported line cards. (For more information,
refer to your line card documentation).
Syntax
deny arp {destination-mac-address mac-address-mask | any} vlan
vlan-id {ip-address | any | opcode code-number} [count [byte]]
[order] [log [interval minutes] [threshold-in-msgs [count]]
[monitor]
To remove this filter, you have two choices:
Use the no seq sequence-number command if you know the filter’s sequence
number.
Use the no deny arp {destination-mac-address mac-address-mask |
any} vlan vlan-id {ip-address | any | opcode code-number}
command.
Parameters
log (OPTIONAL) Enter the keyword log to enable the triggering of
ACL log messages.
threshold-in msgs
count
(OPTIONAL) Enter the threshold-in-msgs keyword followed
by a value to indicate the maximum number of ACL logs that
can be generated, exceeding which the generation of ACL logs
is terminated with the seq, permit, or deny commands. The
threshold range is from 1 to 100.
Access Control Lists (ACL) 355