Security Commands
Page 236 7450 ESS System Mangement Guide
ip-filter
Syntax ip-filter [entry entry-id]
Context show>system>security>cpm-filter
Description This command displays CPM IP filters.
Parameters entry entry-id — Identifies a CPM filter entry as configured on this system.
Values 1 — 2048
Output CPM Filter Output — The following table describes CPM IP filter output fields..
Table 14: Show CPM IP Filter Output Fields
Label Description
Entry-Id
Displays information about the specified management access filter
entry
Dropped
Displays the number of dropped events.
Forwarded
Displays the number of forwarded events.
Description
Displays the CPM filter description.
Log ID
Displays the log ID where matched packets will be logged.
Src IP
Displays the source IP address(/netmask or prefix-list)
Dest. IP
Displays the destination IP address(/netmask).
Src Port
Displays the source port number (range).
Dest. Port
Displays the destination port number (range).
Protocol
Displays the Protocol field in the IP header.
Dscp
Displays the DSCP field in the IP header.
Fragment
Displays the 3-bit fragment flags or 13-bit fragment offset field.
ICMP Type
Displays the ICMP type field in the ICMP header.
ICMP Code
Displays the ICMP code field in the ICMP header.
TCP-syn
Displays the SYN flag in the TCP header.
TCP-ack
Displays the ACK flag in the TCP header
Match action
When the criteria matches, displays drop or forward packet.
Next Hop
In case match action is forward, indicates destination of the matched
packet.
To Next Page
Loading...
