Configuration Guide 6. SPI Firewall
Version 7.2 27 Security Setup
After simulating the ICMP, UDP traffic on port 5000 and traffic on other ports that are not
allowed by the firewall, the output of the show data access command displays the
following:
# show data access-lists
Extended IP access list FW_out
FW_out permit tcp 192.168.0.0 0.0.0.255 any eq 20 log (0
matches)
FW_out permit tcp 192.168.0.0 0.0.0.255 any eq 21 log (0
matches)
FW_out permit tcp 192.168.0.0 0.0.0.255 any eq 22 log (0
matches)
FW_out permit tcp 192.168.0.0 0.0.0.255 any eq 23 log (0
matches)
FW_out permit udp 192.168.0.0 0.0.0.255 any eq 5000 log (2
matches)
FW_out permit udp 192.168.0.0 0.0.0.255 any eq 5001 log (0
matches)
FW_out permit udp 192.168.0.0 0.0.0.255 any eq 5002 log (0
matches)
FW_out permit udp 192.168.0.0 0.0.0.255 any eq 5003 log (0
matches)
FW_out permit udp 192.168.0.0 0.0.0.255 any eq 5004 log (0
matches)
FW_out permit icmp any any log (1298 matches)
FW_out deny ip any any log (701523 matches)
#
Note that the traffic counter incremented after specific traffic passed through the ACL.
To Next Page
Loading...
