3Com OfficeConnect 3C100XF Cli User's Manual - page 208
26-4
C
HAPTER
26: IP F
ILTERS
C
OMMANDS
set packet_logging
Sets parameters to generate SYSLOG messages for filtered packets. Facility can be
configured
globally,
or not at all. Use the
show packet_logging settings
command to view settings. This command has the following parameters:
logging
[all | none]
packet_size
[0-493 bytes]
set policy update
The command updates a policy that was already loaded into the system. The
updated policy is used only for new connections and doesn't affect existing
connections. The parameter
filter_name
is the name of policy file to use when
updating the IPSec policy in the system cache.
When using Cisco2500 as a gateway, for IPSEC policy file use Preshared Key length
up to 63 characters as it only allows 63 characters for IPSEC SA to be established
successfully.
Show Command
show ip filter
Use this command to view the contents of an IP filter.
The resulting screen display might look like the following:
SHOW IP FILTER boston
Filter Action
REJECT
Rule Number:
1
Start Source Address: 192.168.1.1
Source Mask:
C
End Source Address:
0.0.0.0
Action:
ACCEPT
Rule Number:
2
Start Source Address: 192.168.17.2
Source Mask:
0
End Source Address:
0.0.0.0
Action:
ACCEPT
Parameters
Description
logging
Specifies type of logging generated:
All -
all filtered packets generate a SYSLOG message
None -
no SYSLOG messages are generated.
Default.
packet_size
Specifies the size of a filtered packet that will be included in the actual
SYSLOG message. When set to zero (0), the size feature is turned off,
causing the entire packet to be included in the SYSLOG message. The
default is
0.
The range is
0-493
bytes.
Parameters
Description
ip_filter_name
Name of the IP filter.