Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S6010-ON
301302303304305306307308309310
traffic with particular flows that are traversing through the ingress and egress interfaces
are examined and, appropriate ACLs can be applied in both the ingress and egress
direction. Flow-based monitoring conserves bandwidth by monitoring only specified
traffic instead all traffic on the interface. This feature is particularly useful when looking
for malicious traffic. It is available for Layer 2 and Layer 3 ingress and egress traffic. You
may specify traffic using standard or extended access-lists. This mechanism copies all
incoming or outgoing packets on one port and forwards (mirrors) them to another
port. The source port is the monitored port (MD) and the destination port is the
monitoring port (MG).
Related
Commands
deny tcp — assign a filter to deny TCP packets.
deny udp — assign a filter to deny UDP packets.
ip access-list extended — create an extended ACL.
seq (for Standard IPv4 ACLs)
Assign a sequence number to a deny or permit filter in an IP access list while creating the filter.
Syntax
seq sequence-number {deny | permit} {source [mask] | any | host
ip-address}} [count [bytes]] [dscp value] [order] [fragments] [log
[interval minutes] [threshold-in-msgs [count]] [monitor]
To delete a filter, use the no seq sequence-number command.
Parameters
log (OPTIONAL) Enter the keyword log to enable the triggering of
ACL log messages.
threshold-in msgs
count
(OPTIONAL) Enter the threshold-in-msgs keyword followed
by a value to indicate the maximum number of ACL logs that
can be generated, exceeding which the generation of ACL logs
is terminated with the seq, permit, or deny commands. The
threshold range is from 1 to 100.
interval minutes (OPTIONAL) Enter the keyword interval followed by the time
period in minutes at which ACL logs must be generated. The
interval range is from 1 to 10 minutes.
monitor (OPTIONAL) Enter the keyword monitor when the rule is
describing the traffic that you want to monitor and the ACL in
which you are creating the rule is applied to the monitored
interface.
Defaults
By default, 10 ACL logs are generated if you do not specify the threshold explicitly.
Access Control Lists (ACL) 304