|
Date:
|
Sep 22 2000 07:58:55 EDT
|
|
From:
|
"Kevison Dennys Carrilho Bentes" <[EMAIL PROTECTED]>
|
|
Subject:
|
Re: [redewan] Access-list - Cisco |
Oi NewAdmin,
Experimente esses comandos:
show ip accounting
To display the active accounting or checkpointed database or to display
access list violations, use the show ip accounting EXEC command.
show ip accounting [checkpoint] [output-packets | access-violations]
Syntax Description
checkpoint (Optional) Indicates that the checkpointed database should
be displayed.
output-packets (Optional) Indicates that information pertaining to
packets that passed access control and were successfully routed should be
displayed. If neither the output-packets nor access-violations keyword is
specified, output-packets is the default.
access-violations (Optional) Indicates that information pertaining to
packets that failed access lists and were not routed should be displayed. If
neither the output-packets nor access-violations keyword is specified,
output-packets is the default.
ip accounting
To enable IP accounting on an interface, use the ip accounting interface
configuration command. To disable IP accounting, use the no form of this
command.
ip accounting [access-violations]
no ip accounting [access-violations]
Syntax Description
access-violations (Optional) Enables IP accounting with the ability
to identify IP traffic that fails IP access lists.
Default
Disabled
O par�metro log no final da regra server para indicar que todos os pacotes
que foram filtrados por aquela regra espec�fica,
ser�o registrados em um servidor de registros.
Grato.
Kevison Dennys Carrilho Bentes
Gerente de Rede
Air System Network
Bras�lia - DF Brasil
Fone: 55 61 313-8002
Fax: 55 61 313-8008
[EMAIL PROTECTED]
----- Original Message -----
From: "newadmin" <[EMAIL PROTECTED]>
To: "Lista de Discuss�o Rede Wan" <[EMAIL PROTECTED]>
Sent: Tuesday, September 19, 2000 10:55 AM
Subject: [redewan] Access-list - Cisco
> Lista de Discuss�o Rede Wan - http://www.networkdesigners.com.br
>
> Quando se da um show access-list mostra-se uma
> estatitica de quantas vezes cada regra foi aplicada. Tem
> como saber mais detalher a respeito, tipo o nr ip do
> pacote para o qual a regra foi aplicada a porta etc..?
>
>
> O que o parametro log no final de uma regra realiza?
>
>
> A regra abaixo indica que todas as maquinas do mundo,
> podem estabelecr conexoes tcp (acima da porta 1024) com
> as maquinas da rede interna?
>
> acc 101 permit tcp any my network estab
> interface serial 0
> ip access-group 101 in
>
>
>
> Porque quando se aplica a regra abaixo o deny ip ip
> aparece primeiro?
>
>
> access-list 101 deny ip 127.16.0.0 0.15.255.255 any
> access-list 101 deny ip any any
>
> Obrigado a todos..
>
>
> __________________________________________________________________________
> Todo brasileiro tem direito a um e-mail gr�tis
> http://www.bol.com.br
>
>
> ______________________________________________________________________
>
|
