
Problem with debugging ip packet acl

 
MJaat
Occasional Advisor


Hi,

I have this ACL:

acl advanced 3100
 rule 200 deny tcp destination-port eq 22
 rule 209 deny udp destination-port eq ntp
 rule 300 permit ip

On the terminal I put this:

terminal debugging
debugging ip packet acl 3100
terminal monitor

Result I got:

<HPE>*Sep 25 07:59:30:582 2020 HPE IPFW/7/IPFW_PACKET:
Receiving, interface = GigabitEthernet0/1
version = 4, headlen = 20, tos = 0
pktlen = 40, pktid = 13536, offset = 0, ttl = 128, protocol = 6
checksum = 1014, s = 192.168.x.x, d = 192.168.x.x
channelID = 0, vpn-InstanceIn = 0, vpn-InstanceOut = 0.
prompt: Receiving IP packet from interface GigabitEthernet0/1.
Payload: TCP
  source port = 50731, destination port = 22
  sequence num = 0x60212a18, acknowledgement num = 0x493e69e8, flags = 0x10
  window size = 8208, checksum = 0xca28, header length = 20.


*Sep 25 07:59:30:667 2020 HPE IPFW/7/IPFW_PACKET:
Receiving, interface = GigabitEthernet0/1
version = 4, headlen = 20, tos = 0
pktlen = 40, pktid = 13537, offset = 0, ttl = 128, protocol = 6
checksum = 1013, s = 192.168.160.x, d = 192.168.160.x
channelID = 0, vpn-InstanceIn = 0, vpn-InstanceOut = 0.
prompt: Receiving IP packet from interface GigabitEthernet0/1.
Payload: TCP
  source port = 50745, destination port = 22
  sequence num = 0xd7282082, acknowledgement num = 0x31549e43, flags = 0x10
  window size = 8207, checksum = 0x4039, header length = 20.


*Sep 25 08:00:04:133 2020 HPE IPFW/7/IPFW_PACKET:
Receiving, interface = GigabitEthernet0/1
version = 4, headlen = 20, tos = 0
pktlen = 76, pktid = 31793, offset = 0, ttl = 64, protocol = 17
checksum = 64764, s = 192.168.160.x, d = 192.168.160.x
channelID = 0, vpn-InstanceIn = 0, vpn-InstanceOut = 0.
prompt: Receiving IP packet from interface GigabitEthernet0/1.
Payload: UDP
  source port = 123, destination port = 123
  checksum = 0x5cbe, length = 56.


*Sep 25 08:00:04:185 2020 HPE IPFW/7/IPFW_PACKET:
Receiving, interface = GigabitEthernet0/1
version = 4, headlen = 20, tos = 0
pktlen = 40, pktid = 13539, offset = 0, ttl = 128, protocol = 6
checksum = 1011, s = 192.168.160.x, d = 192.168.160.x
channelID = 0, vpn-InstanceIn = 0, vpn-InstanceOut = 0.
prompt: Receiving IP packet from interface GigabitEthernet0/1.
Payload: TCP
  source port = 50745, destination port = 22
  sequence num = 0xd7282082, acknowledgement num = 0x3154a2f3, flags = 0x10
  window size = 8210, checksum = 0x3b86, header length = 20.

Why does it show these results, and how can I prevent this?

If I put:

acl advanced 3100
rule 20 deny ip

Nothing comes to the terminal.

So I assume "rule 20 deny ip" works.

But why do "rule 200 deny tcp destination-port eq 22" and "rule 209 deny udp destination-port eq ntp" not work?
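
An added example, not part of the original post and not HPE code: a small Python parser for the IPFW_PACKET debug records shown above that reports which rule of ACL 3100 each logged packet would hit. It assumes rules are evaluated in ascending rule-ID order with the first match deciding; the function names are hypothetical, and the sample records are trimmed from the post's output plus one constructed record.

```python
import re

# ACL 3100 as posted: (rule id, action, IP protocol, dest port); None = any.
ACL_3100 = [
    (200, "deny", 6, 22),         # deny tcp destination-port eq 22
    (209, "deny", 17, 123),       # deny udp destination-port eq ntp
    (300, "permit", None, None),  # permit ip
]

# Constructed sample: two records trimmed from the post's output, plus one
# made-up TCP/443 record (pktid 40001) to exercise the final permit rule.
SAMPLE = """\
<HPE>*Sep 25 07:59:30:582 2020 HPE IPFW/7/IPFW_PACKET:
pktlen = 40, pktid = 13536, offset = 0, ttl = 128, protocol = 6
  source port = 50731, destination port = 22
*Sep 25 08:00:04:133 2020 HPE IPFW/7/IPFW_PACKET:
pktlen = 76, pktid = 31793, offset = 0, ttl = 64, protocol = 17
  source port = 123, destination port = 123
*Sep 25 08:00:05:000 2020 HPE IPFW/7/IPFW_PACKET:
pktlen = 40, pktid = 40001, offset = 0, ttl = 128, protocol = 6
  source port = 50750, destination port = 443
"""

def parse_records(text):
    """Split on the '*<timestamp>' record header (optional '<prompt>' prefix)."""
    records = []
    for chunk in re.split(r"(?m)^(?:<[^>]+>)?\*", text):
        proto = re.search(r"\bprotocol = (\d+)", chunk)
        pktid = re.search(r"\bpktid = (\d+)", chunk)
        dport = re.search(r"destination port = (\d+)", chunk)
        if "IPFW_PACKET" not in chunk or not (proto and pktid):
            continue  # not a complete packet record
        records.append({"pktid": int(pktid.group(1)),
                        "protocol": int(proto.group(1)),
                        "dport": int(dport.group(1)) if dport else None})
    return records

def first_match(pkt, acl):
    """Assumption: ascending rule-ID order, first matching rule decides."""
    for rule_id, action, proto, dport in sorted(acl, key=lambda r: r[0]):
        if proto in (None, pkt["protocol"]) and dport in (None, pkt["dport"]):
            return rule_id, action
    return None, "no-match"

def classify(text, acl=ACL_3100):
    """Return (pktid, matched rule id, action) for every parsed record."""
    return [(p["pktid"], *first_match(p, acl)) for p in parse_records(text)]
```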