Configuring the MLS Engine
287
Displaying the MLS Cache Entries
There are several different methods of viewing MLS cache entries. The base
command is show mls entry. However, there are many options available
to customize the output of this basic command.
If you are on a switch and issue the help command for show mls entry,
this is what you get.
Switch1> (enable) sho mls entry ?
Usage: show mls entry [mod] [long|short]
show mls entry ip [mod] [destination <ip_addr_spec>]
[source <ip_addr_spec>] [protocol <protocol>]
[src-port <src_port>] [dst-port <dst_port>]
[short|long]
show mls entry ipx [mod] [destination <ipx_addr_spec>]
[short|long]
(mod = 15 or 16
ip_addr_spec = ip_addr|ip_addr/netmask|ip_addr/maskbit
(maskbit: 0..32)
protocol = 1..255|ip|ipinip|icmp|igmp|tcp|udp
src_port, dst_port = 1..65535|dns|ftp|smtp|telnet|x|www
ipx_addr_spec = dest_net.dest_node|dest_net/mask)
Switch1> (enable)
As you can see, there are quite a few different options. This command,
with the options shown, allows the administrator to view very general infor-
mation or very specific information. To get an idea of what can be generated
from this command, let's review the options.
You can show MLS entries based on the module. The long and short
options modify the output in different ways. Long displays the information
all on one line, and short displays the information using carriage returns. It
is impossible to give an example due to the formatting limitations in this book.
More specific information can be obtained by specifying an IP address or
port information. By specifying options, you can refine your output. Instead
of getting pages and pages of cache entries, you get entries that match your
criteria.
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com