Logging Acl Activity; Overview - Avaya P580 User Manual

Logging ACL Activity

Overview

Document No. 650-100-700, Issue 1
7. Enter the destination address (10.1.1.0) and the destination address
wildcard (0.0.0.255), respectively, in the Dest Address field.
8. Click CREATE to save your changes, or CANCEL to restore previous
settings. Once you create both access rules, all traffic between subnet
10.1.1.0 and 10.1.2.0 is deny/filtered.
* Note: Traffic between any other 10.1.x.0 subnets are not
filtered because the access rules only deny/filter
traffic between subnets 10.1.1.0 and 10.1.2.0.
To deny/filter traffic to a specific address and not to
an entire subnet, you must specify the destination IP
address of the network node, and use a subnet
wildcard of 0.0.0.0.
To deny/filter all traffic, you must specify a
destination address of 0.0.0.0 and a wildcard of
255.255.255.255. This is useful if you want to filter
all traffic except traffic that matches a previous rule.
Ensure that you do not make this your first rule, since
ACL rules are read from the top down and stop after
the first rule match, which ignores all subsequent
rules.
You can log information about packets that match specific rules in the active
access control list (ACL). Each log entry contains the following
information:
Source and destination IP address.
Protocol ID (RFC 1700 defines these ID numbers).
Time that the match occurred.
Index number of the access rule that was matched.
Configuring Access Lists
13-15