The traffic-analysis acl command enables the intelligent traffic ACL function.
The undo traffic-analysis acl command disables the intelligent traffic ACL function.
| Parameter | Description | Value |
|---|---|---|
number |
Specifies the number of an advanced ACL. |
The value is an integer ranging from 3000 to 3999. |
By default, the intelligent traffic ACL function is disabled.
Usage Scenario
The intelligent UDP traffic analysis module can match the UDP traffic passing through the inbound interface against ACL rules and analyze the traffic based on the block granularity.
Prerequisites
Before enabling intelligent UDP traffic analysis, run the acl command in the system to create an ACL. The intelligent UDP traffic analysis supports only the permit parameter in the rule command for UDP traffic. In addition, you can specify the source IP address, destination IP address, source port number, destination port number, or any combination using the rule [ rule-id ] permit udp [ source { source-ip-address { 0 | source-wildcard } | destination { destination-ip-address { 0 | destination-wildcard } | source-port eq port | destination-port eq port ] * command.
All service flows that match the preceding advanced ACL are sent to the TAP for processing.