Enabling and configuring ACL Raslogs

This task enables Raslog messages for ACL rules with log keywords and specifies how long the system waits between ACL Raslog messages.

For details of Raslog messages, refer to the Extreme SLX-OS Message Reference.

1. Enter the configure terminal command to access global configuration mode.
   

   device# configure terminal

2. Enter the acl-policy command to access ACL policy configuration mode.
   

   device(config)# acl-policy
   

3. Enter the acl-log-raslog command to enable ACL Raslogs.
   

   device(config-acl-policy)# acl-log-raslog
   

4. To modify the interval between the first ACL Raslog and each consecutive Raslog, enter the acl-log-raslog log-interval command.
   

   device(config-acl-policy)# acl-log-raslog log-interval 8
   

Example

The following output is an ACL Raslog example.

MAC ACL mac_2 permitted 1 packets on intf eth1/6 [SA:0010.1010.1001, DA:0001.0300.0500, 
Type:0, VLAN:101, SIP:0.0.0.0, DIP:0.0.0.0, l3_proto:none, src_port:0, dst_port:0]

IP ACL v4acl denied 1 packets on intf eth1/6  [SA:0001.0300.0400,DA:0001.0300.0500, 
Type:800, VLAN:100, SIP:2.2.2.2, DIP:6.6.6.6, l3_proto:udp, src_port:66, dst_port:77]

IPv6 ACL v6acl permitted 1 packets on intf po44  [SA:0001.0300.0400,DA:0001.0300.0500, 
Type:86dd, VLAN:100, SIP:fe80::201:3ff:fe00:400, DIP:3555:5555:6666:6666:7777:7777:8888:8888, 
l3_proto:udp, src_port:63, dst_port:63]