Avaya 580 User Manual: Logging ACL Activity, Overview

Document No. 10-300077, Issue 2
Configuring Access Lists
3. Enter a number between 100 and 199 (extended ACL), or an alphanumeric
name, in the Access List Name field to identify your new access control
list.
4. Enter a number in the Access Rule Index field to identify the access rule.
5. Select Deny/Filter from the Access Type field pull-down menu.
6. Enter the source address (10.1.2.0) and the source address wildcard
(0.0.0.255), respectively, in the Source Address field.
7. Enter the destination address (10.1.1.0) and the destination address
wildcard (0.0.0.255), respectively, in the Dest Address field.
8. Click CREATE to save your changes, or CANCEL to restore previous
settings.
Once you create both access rules, all traffic between subnets
10.1.1.0 and 10.1.2.0 is denied/filtered.
*Note: Traffic between any other 10.1.x.0 subnets is not filtered,
because the access rules only deny/filter traffic between
subnets 10.1.1.0 and 10.1.2.0.
To deny/filter traffic to a specific address rather than to an
entire subnet, specify the destination IP address of the
network node and use a wildcard of 0.0.0.0.
To deny/filter all traffic, specify a destination address of
0.0.0.0 and a wildcard of 255.255.255.255. This is useful if
you want to filter all traffic except traffic that matches a
previous rule. Do not make this your first rule: ACL rules
are read from the top down and evaluation stops at the first
rule that matches, so all subsequent rules are ignored.
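The following Python sketch is an added example, not code from the Avaya manual or the switch. It models the wildcard matching and top-down, first-match evaluation described in the note, and flags rules that can never match because an earlier rule already covers them. The Rule fields, the "deny"/"permit" labels and the rule for host 10.1.1.5 are assumptions constructed for illustration; what happens to traffic that matches no rule is not stated on this page, so evaluate() returns None in that case.

```python
import ipaddress
from typing import NamedTuple

class Rule(NamedTuple):
    index: int    # Access Rule Index
    action: str   # "deny" or "permit" (labels assumed for this sketch)
    src: str
    src_wc: str
    dst: str
    dst_wc: str

def _n(addr):
    return int(ipaddress.IPv4Address(addr))

def _match(addr, base, wc):
    # Wildcard bit 1 = ignore this bit, 0 = bit must equal the rule address.
    care = ~_n(wc) & 0xFFFFFFFF
    return (_n(addr) & care) == (_n(base) & care)

def _covers(base_a, wc_a, base_b, wc_b):
    # True if every address matched by pattern B is also matched by pattern A.
    care_a, care_b = ~_n(wc_a) & 0xFFFFFFFF, ~_n(wc_b) & 0xFFFFFFFF
    return (care_a & ~care_b) == 0 and (_n(base_a) & care_a) == (_n(base_b) & care_a)

def evaluate(rules, src, dst):
    """First match wins: return (action, index), or None if no rule matches."""
    for r in rules:
        if _match(src, r.src, r.src_wc) and _match(dst, r.dst, r.dst_wc):
            return r.action, r.index
    return None

def shadowed_rules(rules):
    """(rule index, index of the earlier rule hiding it) for unreachable rules."""
    found = []
    for i, later in enumerate(rules):
        for early in rules[:i]:
            if (_covers(early.src, early.src_wc, later.src, later.src_wc)
                    and _covers(early.dst, early.dst_wc, later.dst, later.dst_wc)):
                found.append((later.index, early.index))
                break
    return found

ANY = ("0.0.0.0", "255.255.255.255")
GOOD = [  # constructed rule set; rule 1 uses the addresses from steps 6 and 7
    Rule(1, "deny", "10.1.2.0", "0.0.0.255", "10.1.1.0", "0.0.0.255"),
    Rule(2, "permit", "10.1.3.0", "0.0.0.255", "10.1.1.5", "0.0.0.0"),
    Rule(3, "deny", *ANY, *ANY),  # deny/filter everything else, placed last
]
BAD = [GOOD[2], GOOD[0], GOOD[1]]  # same rules with the deny-all rule first
```

Running shadowed_rules() over an exported rule list before activating it catches the ordering mistake the note warns about: with the deny-all rule first, rules 1 and 2 are reported as unreachable.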
Logging ACL Activity
Overview
You can log information about packets that match specific rules in the 
active access control list (ACL). Each log entry contains the following 
information: 
■ Source and destination IP address.
■ Protocol ID (RFC 1700 defines these ID numbers).
■ Time that the match occurred.
■ Index number of the access rule that was matched.
