Cisco Systems OL-6244-01 show security acl log

2-1177

Catalyst 6500 Series Switch Command Reference—Release8.4

OL-6244-01

Chapter2 Catalyst 6500 Series Switch and ROM Monitor Commands show security acl log

show security acl log

To display VACL log information, use the show security acl log command.

show security acl log config

show security acl log flow protocol {src_ip_spec | dest_ip_spec} [vlan vlan_num]

show security acl log flow {ip} {src_ip_spec | dest_ip_spec} [vlan vlan_num]

show security acl log flow {icmp | 1} {src_ip_spec | dest_ip_spec} [icmp_type [icmp_code]]

[vlanvlan_num]

show security acl log flow {tcp | 6} {{src_ip_spec [operator port [port]]} | {dest_ip_spec [operator

port [port]]}} [vlan vlan_num]

show security acl log flow {udp | 17} src_ip_spec [operator port [port]] dest_ip_spec [operator

port [port]] [vlan vlan_num]

show security acl log flow arp [host IP_Address [vlan vlan_num]]

Syntax Description config Displays the VACL log configuration information including the maximum

number of the flow pattern and redirect rate.

flow Displays the flow information specified by the arguments since its last syslog

report.

protocol Keyword or number of an IP protocol; valid numbers are from 0 to 255

representing an IP protocol number. See the “ Us ag e G ui de lin es ” s ection for the

list of valid keywords.

src_ip_spec Source IP address and the source mask. See the “Usage Guidelines” section for

the format.

dest_ip_spec Destination IP address and the destination mask. See the “Usage Guidelines”

section for the format.

vlan vlan_num (Optional) Number of the VLAN to be displayed; valid values are from 1 to

4094.

ip Matches any IP packets.

icmp | 1Matches ICMP packets.

icmp_type (Optional) ICMP message type name or a number; valid values are from 0 to

255. See the “Usage Guidelines” section for a list of valid names.

icmp_code (Optional) ICMP message code name or a number; valid values are from 0 to

255. See the “Usage Guidelines” section for a list of valid names.

tcp | 6Matches TCP packets.

operator (Optional) Operands; valid values include lt (less than), gt (greater than), eq

(equal), neq (not equal), and range (inclusive range).

port (Optional) Number or name of a TCP or UDP port; valid port numbers are from

0 to 65535. See the “Usage Guidelines” section for a list of valid nam es.

udp | 17 Matches UDP packets.

arp Displays all logged ARP packets.

host IP_Address (Optional) Specifies the IP address of an IP host.