beautypg.com

Brocade Multi-Service IronWare Administration Guide (Supporting R05.6.00) User Manual

Page 368

background image

350

Multi-Service IronWare Administration Guide

53-1003028-02

Syslog messages

A

TABLE 70

Syslog messages ACL

Message level

Message

Explanation

Warning

ACL list acl-num denied ip-proto
src-ip-addr (src-tcp/udp-port)
(Ethernet portnum mac-addr) ->
dst-ip-addr (dst-tcp/udp-port),
1 events

Indicates that an Access Control List (ACL)
denied (dropped) packets.
The acl-num indicates the ACL number.
Numbers 1 – 99 indicate standard ACLs.
Numbers 100 – 199 indicate extended
ACLs.
The ip-proto indicates the IP protocol of the
denied packets.
The src-ip-addr is the source IP address of
the denied packets.
The src-tcp/udp-port is the source TCP or
UDP port, if applicable, of the denied
packets.
The portnum indicates the port number on
which the packet was denied.
The mac-addr indicates the source MAC
address of the denied packets.
The dst-ip-addr indicates the destination IP
address of the denied packets.
The dst-tcp/udp-port indicates the
destination TCP or UDP port number, if
applicable, of the denied packets.

Warning

ACL:rip filter list list-num direction V1 | V2
denied ip-addr, num packets

Indicates that a RIP route filter denied
(dropped) packets.
The list-num is the ID of the filter list.
The direction indicates whether the filter
was applied to incoming packets or
outgoing packets. The value can be one of
the following:

in

out

The V1 or V2 value specifies the RIP version
(RIPv1 or RIPv2).
The ip-addr indicates the network number
in the denied updates.
The num indicates how many packets
matching the values above were dropped
during the five-minute interval represented
by the log entry.

Notification

ACL insufficient L4 session resource, using
flow based ACL instead

The device does not have enough Layer 4
session entries.
To correct this condition, allocate more
memory for sessions. To allocate more
memory, enter the following command at
the global CONFIG level of the CLI interface
system-max session-limit num

Notification

ACL system fragment packet inspect rate
rate exceeded

The fragment rate allowed on the device
has been exceeded.
The rate indicates the maximum rate
allowed.
This message can occur if fragment
throttling is enabled.

See also other documents in the category Brocade Computer Accessories: