Displays the syntax of a dynamic ACL.
| rule | Specifies the rule to display. |
| rule_li | Specifies the dynamic rule name, for the Lawful Intercept account only. You must have lawful intercept user privileges to specify this variable. |
| detail | Displays where the ACL has been applied. |
N/A.
None.
The following command displays the syntax of the dynamic ACL udpacl:
show access-list dynamic rule udpacl
The output of the command is similar to the following:
entry udpacl {
if match all {
source-address 10.203.134.0/24 ;
destination-address 140.158.18.16/32 ;
protocol udp ;
source-port 190 ;
destination-port 1200 - 1250 ;
} then {
permit ;
} }
The following command displays where the dynamic ACL udpacl has been applied:
show access-list dynamic rule udpacl detail
The output of the command is similar to the following:
Rule updacl has been applied to the following interfaces.
Vlan Name    Port    Direction
=================================
*            1       ingress
The lawful intercept user can issue the following command to display the names of the existing dynamic ACLs and a count of how many times each is used:
* (pacman debug) X460-24p.1 > show access-list dynamic
Dynamic Rules: ((*)- Rule is non-permanent )
(*)hclag_arp_0_4_96_51_fe_b2    Bound to 0 interfaces for application HealthCheckLAG
(*)idmgmt_def_blacklist         Bound to 0 interfaces for application IdentityManager
(*)idmgmt_def_whitelist         Bound to 0 interfaces for application IdentityManager
(*)mirror-data                  Bound to 2 interfaces for application CLI
Use the following command to see the conditions and actions for a dynamic ACL:
* (pacman debug) X460-24p.2 > show access-list dynamic rule "mirror-data"
entry mirror-data {
if match all {
source-address 10.66.9.8/24 ;
protocol udp ;
} then {
permit ;
mirror law_mirror ;
} }
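For configuration audits, the entry syntax shown in the outputs above can be parsed from saved command output. The following Python code is an added example, not part of the ExtremeXOS documentation: it parses the two entries from this page and reports which rules carry a mirror action. The function names are hypothetical, and accepting any single word after `match` is an assumption.

```python
import re

# Sample input: the two entries shown on this page (line breaks condensed).
SAMPLE = """
entry udpacl { if match all {
  source-address 10.203.134.0/24 ; destination-address 140.158.18.16/32 ;
  protocol udp ; source-port 190 ; destination-port 1200 - 1250 ;
} then { permit ; } }
entry mirror-data { if match all {
  source-address 10.66.9.8/24 ; protocol udp ;
} then { permit ; mirror law_mirror ; } }
"""

# Hypothetical helper names; only the entry layout comes from the page.
ENTRY_RE = re.compile(
    r"entry\s+(?P<name>\S+)\s*\{\s*if\s+match\s+(?P<mode>\w+)\s*\{"
    r"(?P<match>[^{}]*)\}\s*then\s*\{(?P<then>[^{}]*)\}\s*\}")

def _statements(body):
    """Split the inside of a { ... } block into (keyword, value) pairs."""
    pairs = []
    for stmt in body.split(";"):
        words = stmt.split()
        if words:
            pairs.append((words[0], " ".join(words[1:])))
    return pairs

def parse_entries(text):
    """Return {rule name: {"mode": str, "match": dict, "actions": list}}."""
    return {m["name"]: {"mode": m["mode"],
                        "match": dict(_statements(m["match"])),
                        "actions": _statements(m["then"])}
            for m in ENTRY_RE.finditer(text)}

def port_range(value):
    """Turn '190' or '1200 - 1250' into an inclusive (low, high) tuple."""
    ports = [int(p) for p in value.split("-")]
    return ports[0], ports[-1]

def mirroring_rules(rules):
    """Map each rule carrying a mirror action to the mirror it names."""
    return {name: val for name, r in rules.items()
            for kw, val in r["actions"] if kw == "mirror"}

if __name__ == "__main__":
    rules = parse_entries(SAMPLE)
    for name, r in rules.items():
        print(name, r["mode"], r["match"], r["actions"])
    print("rules that mirror traffic:", mirroring_rules(rules))
```

Comparing the mirroring rules found this way against the list of approved mirrors highlights any dynamic ACL that copies traffic without a matching authorization.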
This command was first available in ExtremeXOS 11.3.
The detail keyword was added in ExtremeXOS 11.4.
The rule_li variable was added in ExtremeXOS 15.3.2.
This command is available on all platforms.