Security
102
System Management Guide
3HE 11018 AAAC TQZZA Edition: 01
log
Syntax log log-id
no log
Context config>system>security>cpm-filter>ip-filter>entry
config>system>security>cpm-filter>ipv6-filter>entry
Description This command specifies the log in which packets matching this entry should be entered. The
value 0 indicates that logging is disabled.
The no form of the command deletes the log ID.
Parameters log-id — the log ID where packets matching this entry should be entered
Values 101 to 199
match
Syntax match [protocol protocol-id]
no match
Context config>system>security>cpm-filter>ip-filter>entry
Description This command enables the context to enter match criteria for the IPv4 filter entry. When the
match criteria have been satisfied, the action associated with the match criteria is executed.
If more than one match criterion (within one match statement) is configured, all criteria must
be satisfied (AND function) before the action associated with the match is executed.
A match context may consist of multiple match criteria, but multiple match statements cannot
be entered per entry.
The no form of the command removes the match criteria for the entry-id.
Parameters protocol-id — protocol-number or protocol-name
protocol-number — the protocol number in decimal, hexadecimal, or binary, to be used
as an IP filter match criterion. Common protocol numbers include ICMP(1), TCP(6),
and UDP(17). See Table 6 for the protocol IDs and descriptions for the IP protocols.
Values [0 to 255]D
[0x0 to 0xFF]H
[0b0 to 0b11111111]B
To Next Page
Loading...
