Enterasys Networks CSX7000, CSX5500, CSX6000 manual IP Filters Trace Messages

TRACE MESSAGES

IP Filters Trace Messages

IP FILTERS TRACE MESSAGES

You can trace packets that are discarded as a result of IP Filters. Enable this feature by using the ip filter trace discard command, and disable it with ip filter trace off. Note that when you enable this feature, the report log has the potential of filling quickly. Use the feature wisely, and be sure to turn it off once you’ve completed your troubleshooting. Access the discarded packet information via the report log by using the dr command.

Each discarded packet will cause a log report of the following format:

(F)_:_:_:_:#9a00 [IPFILT] <filtername>/condition # at <application point name>/in/out {IP} Src: xxx.xxx.xxx.xxx Dst: xxx.xxx.xxx.xxx Pr: n

{UDP} Src: n Dst: n

The first line indicates:

•the number of the condition within that filter which matched the packet and consequently caused a discard action,

•the point at which the filter was applied, or a designation of global. For an IP network interface, this will be the configured name of the interface. For a device-based filter, this will be the con- figured device’s name.

•In or Out, corresponding to INPUT or OUTPUT application.

The next lines contain a brief decode of the packet which was discarded. In particular, the packet fields which comprise the packet type comparisons are displayed. The key IP fields are always displayed on one line. If the IP protocol is one of the explicitly recognized values (ICMP, UDP, TCP), the next line will contain a decode of the key fields of that protocol.

Sample IP Filter Trace Discard logs:

•Filter UDP, condition 1, applied at interface lan’s OUTPUT

•Filter ICMP, condition 1, applied globally

Central Site Remote Access Switch 551