Cisco Nexus 3600 NX-OS Security Configuration Manual page 97


Configuring IP ACLs
Step 5
Command or Action: interface ethernet slot/port
Example:
switch(config)# interface ethernet 1/1
switch(config-if)#
Purpose: Enters interface configuration mode.

Step 6
Command or Action: ip access-group name in
Example:
switch(config-if)# ip access-group logging-test in
Purpose: Enables the filtering of IPv4 traffic on an interface using the specified ACL. You can apply an ACL to inbound traffic.

Step 7
Command or Action: exit
Example:
switch(config-if)# exit
switch(config)#
Purpose: Updates the configuration and exits interface configuration mode.

Step 8
Command or Action: logging ip access-list cache interval interval
Example:
switch(config)# logging ip access-list cache interval 490
Purpose: Configures the log-update interval (in seconds) for the ACL logging process. The default value is 300 seconds. The range is from 5 to 86400 seconds.

Step 9
Command or Action: logging ip access-list cache entries number-of-flows
Example:
switch(config)# logging ip access-list cache entries 8001
Purpose: Specifies the maximum number of flows to be monitored by the ACL logging process. The default value is 8000. The range of values supported is from 0 to 1048576.

Step 10
Command or Action: logging ip access-list cache threshold threshold
Example:
switch(config)# logging ip access-list cache threshold 490
Purpose: If the specified number of packets is logged before the expiry of the alert interval, the system generates a syslog message.

Step 11
Command or Action: logging ip access-list detailed
Example:
switch(config)# logging ip access-list detailed
Purpose: Enables the display of the ACL name, the sequence number of the ACE, the action, the ACL direction, the ACL filter type, and the ACL applied interface in the output of the show logging ip access-list cache command.

Step 12
Command or Action: hardware rate-limiter access-list-log packets
Example:
switch(config)# hardware rate-limiter access-list-log 200
Purpose: Configures rate limits in packets per second for packets copied to the supervisor module for ACL logging. The range is from 0 to 30000.
Note: Cisco Nexus NX-OS 7.0(3)F3(1) does not support the hardware rate-limiter access-list-log command.
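
The ranges and defaults given in Steps 8 through 12 can be checked against a saved configuration before it is applied. The following Python sketch is an added example, not Cisco code and not part of the original guide; the function name audit_acl_logging, the LIMITS table and the sample configuration are assumptions made for illustration.

```python
import re

# (min, max, default) as stated in the steps above. The page gives no range or
# default for the threshold, so only a non-negative integer is required there.
LIMITS = {
    "logging ip access-list cache interval": (5, 86400, 300),
    "logging ip access-list cache entries": (0, 1048576, 8000),
    "logging ip access-list cache threshold": (0, None, None),
    "hardware rate-limiter access-list-log": (0, 30000, None),
}

def audit_acl_logging(config_text):
    """Return (settings, findings) for the ACL-logging commands in a config."""
    settings = {cmd: default for cmd, (_, _, default) in LIMITS.items()}
    settings.update(detailed=False, inbound_acls={})  # inbound_acls: interface -> ACL
    findings, current_if = [], None
    for raw in config_text.splitlines():
        line = " ".join(raw.split())          # collapse indentation and spacing
        if raw and not raw[0].isspace():      # a top-level line ends an interface block
            m = re.fullmatch(r"interface (.+)", line)
            current_if = m.group(1) if m else None
        m = re.fullmatch(r"ip access-group (\S+) in", line)
        if m and current_if:
            settings["inbound_acls"][current_if] = m.group(1)
        settings["detailed"] |= line == "logging ip access-list detailed"
        for cmd, (low, high, _) in LIMITS.items():
            if not line.startswith(cmd + " "):
                continue
            value = line[len(cmd) + 1:]
            if not value.isdigit():
                findings.append(f"{cmd}: '{value}' is not a non-negative integer")
            elif int(value) < low or (high is not None and int(value) > high):
                findings.append(f"{cmd}: {value} is outside {low}-{high}")
            else:
                settings[cmd] = int(value)
    if not settings["inbound_acls"]:
        findings.append("no interface applies an ACL with 'ip access-group <name> in'")
    return settings, findings

# Constructed sample (running-config layout); the interval is deliberately below 5.
SAMPLE = """\
interface ethernet 1/1
  ip access-group logging-test in
logging ip access-list cache interval 3
logging ip access-list cache entries 8001
logging ip access-list cache threshold 490
logging ip access-list detailed
hardware rate-limiter access-list-log 200
"""
```

Calling audit_acl_logging(SAMPLE) reports the out-of-range interval as a finding and leaves that setting at the documented default of 300 seconds.
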
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
Configuring IPv4 ACL Logging
83
