10-127
IPv4 Access Control Lists (ACLs)
Enable ACL “Deny” Logging
Figure 10-59. Resulting ACE Hits on the VLAN 30 RACL Assignment of the “Test-1” ACL
Figure 10-60. Resulting ACE Hits on the VLAN 70 RACL Assignment of the “Test-1” ACL
Note that the ACE counters for the VACL assignment of the “Test-1” ACL on
VLAN 20 are not affected by ACE hits on the RACL assignments of the same
ACL.
HP Switch(config)# show statistics aclv4 Test-1 vlan 50 in
Hit Counts for ACL Test-1
Total
( 6) 10 deny tcp 0.0.0.0 255.255.255.255 10.10.20.2 0.0.0.0 eq 23 log
( 1) 20 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
HP Switch(config)#
Indicates the same type of data as shown in figure 10-57 for the VACL assignment
of the “Test-1” ACL. That is, the Ping attempt incremented the counters for ACE
20 and the Telnet attempt incremented the counters for ACE 10 in the VLAN 50
RACL instance of the ACL.
HP Switch(config)# show statistics aclv4 Test-1 vlan 70 in
HitCounts for ACL Test-1
Total
( 6) 10 deny tcp 0.0.0.0 255.255.255.255 10.10.20.2 0.0.0.0 eq 23 log
( 1) 20 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255
HP Switch(config)#
The ACE counters in the VLAN 70 RACL assignment of “Test-1” are also
incremented by the commands executed in figure 10-58.
To Next Page
Loading...
Need help?
General