Reference Guide
Security | 809
Since traffic passes through the filter in the order of the filter’s sequence, you can configure the trace list by
first entering the TRACE LIST mode and then assigning a sequence number to the filter.
To create a filter for packets with a specified sequence number, use these commands in the following
sequence, starting in the CONFIGURATION mode:
To create a filter for TCP packets with a specified sequence number, use these commands in the following
sequence, starting in the CONFIGURATION mode:
Step Command Syntax Command Mode Purpose
1 ip trace-list trace-list-name CONFIGURATION Enter the TRACE LIST mode by creating
an trace list.
2 seq sequence-number {deny | permit}
{ip | ip-protocol-number} {source mask
|
any | host ip-address} {destination
mask | any | host ip-address} [count
[
byte] | log]
TRACE LIST Configure a drop or forward filter.
Configure the following required and
optional parameters:
• sequence-number range: 0 to,
4294967290.
• ip: to specify IP as the protocol to filter
for.
• ip-protocol-number range: 0 to 255.
• source: An IP address as the source IP
address for the filter to match.
• mask: a network mask
• any: to match any IP source address
• host ip-address: to match IP addresses
in a host.
• destination: An IP address as the
source IP address for the filter to match.
• count: count packets processed by the
filter.
• byte: count bytes processed by the
filter.
• log: is supported.
Step Command Syntax Command Mode Purpose
1 ip trace-list trace-list-name CONFIGURATION Create a trace list and assign it a unique
name.