How to block traffic to specific udp/tcp ports

Peter_Kulmbrein
New Contributor II
Hi all,

I am trying to block traffic on specific TCP/UDP ports on my x450a switch.
I tried that with an ACL packed in a .pol file.

    entry udp_acl1 {
        if {
            source-address 0.0.0.0/0;
            protocol udp;
            destination-port 1119;
        } then {
            count udp;
            deny;
        }
    }
    entry tcp_acl {
        if {
            source-address 0.0.0.0/0;
            protocol tcp;
            destination-port 1119;
        } then {
            count tcp;
            deny;
        }
    }
    entry udp_acl2 {
        if {
            source-address 0.0.0.0/0;
            protocol udp;
            destination-port 3724;
        } then {
            count udp;
            deny;
        }
    }
    entry tcp_acl2 {
        if {
            source-address 0.0.0.0/0;
            protocol tcp;
            destination-port 3724;
        } then {
            count tcp;
            deny;
        }
    }

was what I entered. When applying it, nothing happens and the counters are empty.
I did open the application and saw, using netstat, that there is traffic on those ports.

Did I miss something? Do you have any ideas?

Regards,
Peter
9 REPLIES

Peter_Kulmbrein
New Contributor II
The clue was the refresh policy command - after refreshing, everything works fine now!
Thanks for all your help, guys!

Great!! Thanks for letting us know the cause. 

Patrick_Voss
Extreme Employee
If it makes it to the then section the counter should increase.

Peter_Kulmbrein
New Contributor II
Thanks, I'll give that a try - just for clarification, the counter also runs if there are packets hit by deny, right?