Version Description9.3.0.0 Added support for logging of ACLs on the S4810, S4820T, andZ9000 platforms.Usage Information When the configured maximum threshold is exceeded, generation of logs is stopped.When the interval at which ACL logs are configured to be recorded expires, thesubsequent, fresh interval timer is started and the packet count for that new intervalcommences from zero. If ACL logging was stopped previously because the configuredthreshold is exceeded, it is re-enabled for this new interval.If ACL logging is stopped because the configured threshold is exceeded, it is re-enabled after the logging interval period elapses. ACL logging is supported for standardand extended IPv4 ACLs, IPv6 ACLs, and MAC ACLs. You can configure ACL loggingonly on ACLs that are applied to ingress interfaces; you cannot enable logging for ACLsthat are associated with egress interfaces.You can activate flow-based monitoring for a monitoring session by entering theflow-based enable command in the Monitor Session mode. When you enable thiscapability, traffic with particular flows that are traversing through the ingress and egressinterfaces are examined and, appropriate ACLs can be applied in both the ingress andegress direction. Flow-based monitoring conserves bandwidth by monitoring onlyspecified traffic instead all traffic on the interface. This feature is particularly usefulwhen looking for malicious traffic. It is available for Layer 2 and Layer 3 ingress andegress traffic. You may specify traffic using standard or extended access-lists. Thismechanism copies all incoming or outgoing packets on one port and forwards (mirrors)them to another port. The source port is the monitored port (MD) and the destinationport is the monitoring port (MG).RelatedCommandspermit (for Standard IPv6 ACLs) – configures a filter to forward IPv6 packets.seq (for IPv6 ACLs)Assign a sequence number to a deny or permit the filter in an IPv6 access list while creating the filter.C9000 SeriesSyntax seq sequence-number {deny | permit} {ipv6-protocol-number | icmp |ip | tcp | udp} {source address mask | any | host ipv6-address}{destination address | any | host ipv6-address} [operator port[port]] [count [byte]] [log [interval minutes] [threshold-in-msgs[count]] [monitor]To delete a filter, use the no seq sequence-number command.IPv6 Access Control Lists (IPv6 ACLs) 1260