Can't find what you need?


• Ask the Community
• Create a Case
Reset Search
 

 

Article

How to Capture received packets using an ACL and log the packet header to the "show log" output

« Go Back

Information

 
TitleHow to Capture received packets using an ACL and log the packet header to the "show log" output
Objective
Use an ACL to match, and display packet header to the "show log" output.
Environment
  • EXOS
  • ACL
Procedure
In this example we are matching on all VRRP traffic using the IP destination address of 224.0.0.18.
 
  1. Create an ACL that will match the traffic you want to see in the log.
Note:  Only traffic going to the CPU will be captured in the log.  You can use the mirror-cpu ACL action to force the traffic to the CPU.  Be careful sending a lot of traffic to the CPU, it could effect the switches normal operation.

entry acl_match_to_log {
if match all {
destination-address 224.0.0.18/32;
}
then {
    mirror-cpu; #Mirrors a copy of the packet to the CPU in order to log it (ingress only).
    log; #Logs the packet header.
    permit;
}
}
  1. Apply the ACL to the switch where you want capture the traffic.
configure access-list aclname [any | ports port_list ] {ingress | egress}
 
  1. The logs that show the packet headers are not added by default so they will need to be added.  Add the event log that matches your device type to the default log filter to see the captured packet headers in the logs.
For standalone switches: configure log filter DefaultFilter add event kern.info

For Summit stacks and Chassis: configure log filter DefaultFilter add event Kern.Card.Info
 
Additional notes
Logs will be displayed in this format:
 
<Info:Kern.Info> MSM-A: 192.0.2.10 -> 224.0.0.18 Protocol: 112 v4 hLen: 20 ttl: 255 tos: 0xc0 tLen: 40

To remove the logs use the commands below:
 
For standalone switches: configure log filter DefaultFilter delete event kern.info

For Summit stacks and Chassis: configure log filter DefaultFilter delete event Kern.Card.Info
 
See How to create and apply an ACL in EXOS for more help on creating and installing ACL's.
Currently, we have limitation to log IPv6 packets in EXOS.
This can be raised as a feature request by contacting local sales team.

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255