Manualshelf

Reference Guide

ManualsBrandsDell ManualsComputer equipmentForce10 Z9000
741742743744745746747748749750
Security | 745
Figure 37-14. Trace List Example
To view all configured Trace lists and the number of packets processed through the Trace list, use the show
ip accounting trace-list
command (Figure 37-15) in the EXEC Privilege mode.
Apply trace lists
After you create a Trace list, you must enable it. Without enabling the Trace list, no traffic is filtered.
You can enable one Trace list.
To enable a Trace list, use the following command in the CONFIGURATION mode:
To remove a Trace list, use the
no ip trace-group trace-list-name command syntax.
Once the Trace list is enabled, you can view its log with the
show ip accounting trace-list trace-list-name
[linecard number] command.
Figure 37-15. show ip accounting trace-list Command Example
Command Syntax Command Mode Purpose
ip trace-group trace-list-name CONFIGURATION Enable a configured Trace list to filter traffic.
FTOS(config-trace-acl)#deny tcp host 123.55.34.0 any
FTOS(config-trace-acl)#permit udp 154.44.123.34 0.0.255.255 host 34.6.0.0
FTOS(config-trace-acl)#show config
!
ip trace-list nimule
seq 5 deny tcp host 123.55.34.0 any
seq 10 permit udp 154.44.0.0 0.0.255.255 host 34.6.0.0
FTOS#show ip accounting trace-list dilling
Trace List dilling on linecard 0
seq 2 permit ip host 10.1.0.0 any count (0 packets)
seq 5 deny ip any any
FTOS#