Cisco Nexus 7000 Series Command Reference Manual page 805


Show Commands
• Whether per-entry statistics are configured for the ACL.
• Whether the fragments command is configured for the ACL.
• The number of rules in the ACL configuration. This number does not reflect how many entries the
ACL contains when the device applies it to an interface. If a rule in the ACL uses an object group, the
number of entries in the ACL when it is applied may be much greater than the number of rules.
• The interfaces that the ACL is applied to.
• The interfaces that the ACL is active on.
The show ip access-lists command displays statistics for each entry in an ACL if the following conditions
are both true:
• The ACL configuration contains the statistics per-entry command.
• The ACL is applied to an interface that is administratively up.
If an IP ACL includes the fragments command, it appears before the explicit permit and deny rules, but the
device applies the fragments command to noninitial fragments only if they match none of the other explicit
rules in the ACL.
This command does not require a license.
Examples
This example shows how to use the show ip access-lists command to display all IPv4 ACLs on a device that
has a single IPv4 ACL:
switch# show ip access-lists
IP access list ipv4-open-filter
        10 permit ip any any
This example shows how to use the show ip access-lists command to display an IPv4 ACL named
ipv4-RandD-outbound-web, including per-entry statistics for the entries except for the MainLab object group:
switch# show ip access-lists ipv4-RandD-outbound-web
IP access list ipv4-RandD-outbound-web
        statistics per-entry
        fragments deny-all
        1000 permit ahp any any [match=732]
        1005 permit tcp addrgroup MainLab any eq telnet
        1010 permit tcp any any eq www [match=820421]
This example shows how to use the show ip access-lists command to display an IPv4 ACL named
ipv4-RandD-outbound-web. The expanded keyword causes the contents of the object group from the previous
example to appear, including the per-entry statistics:
switch# show ip access-lists ipv4-RandD-outbound-web expanded
IP access list ipv4-RandD-outbound-web
        statistics per-entry
        1000 permit ahp any any [match=732]
        1005 permit tcp 10.52.34.4/32 any eq telnet [match=5032]
        1005 permit tcp 10.52.34.27/32 any eq telnet [match=433]
        1010 permit tcp any any eq www [match=820421]
This example shows how to use the show ip access-lists command with the summary keyword to display
information about an IPv4 ACL named ipv4-RandD-outbound-web, such as which interfaces the ACL is
applied to and active on:
switch# show ip access-lists ipv4-RandD-outbound-web summary
IPV4 ACL ipv4-RandD-outbound-web
        Statistics enabled
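A parser for the output format shown in the examples above, added here as an illustration (it is not part of the Cisco reference). It sums the [match=N] counters per sequence number, so a rule that the expanded keyword splits into one line per object-group member gets a single total, and it lists rules displayed without a counter. The names parse_acls, uncounted, PLAIN and EXPANDED are assumptions of this example; the sample text is copied from the examples on this page.

```python
import re

HEADER = re.compile(r"^IP access list (\S+)")
RULE = re.compile(r"^\s*(\d+)\s+(permit|deny)\s+(.*?)(?:\s+\[match=(\d+)\])?\s*$")

# Sample text: the two ipv4-RandD-outbound-web outputs from the examples above.
PLAIN = """IP access list ipv4-RandD-outbound-web
        statistics per-entry
        fragments deny-all
        1000 permit ahp any any [match=732]
        1005 permit tcp addrgroup MainLab any eq telnet
        1010 permit tcp any any eq www [match=820421]
"""
EXPANDED = """IP access list ipv4-RandD-outbound-web
        statistics per-entry
        1000 permit ahp any any [match=732]
        1005 permit tcp 10.52.34.4/32 any eq telnet [match=5032]
        1005 permit tcp 10.52.34.27/32 any eq telnet [match=433]
        1010 permit tcp any any eq www [match=820421]
"""

def parse_acls(text):
    """Map ACL name -> {'stats': bool, 'fragments': str or None, 'rules': {seq: rule}}."""
    acls, cur = {}, None
    for line in text.splitlines():
        words = line.split()
        header = HEADER.match(line)
        if header:
            cur = acls.setdefault(header.group(1),
                                  {"stats": False, "fragments": None, "rules": {}})
        elif cur is None or not words:
            continue
        elif words[:2] == ["statistics", "per-entry"]:
            cur["stats"] = True
        elif words[0] == "fragments" and len(words) > 1:
            cur["fragments"] = words[1]
        elif (m := RULE.match(line)):
            seq, action, body, hits = m.groups()
            # An expanded object group repeats one sequence number per member.
            rule = cur["rules"].setdefault(
                int(seq), {"action": action, "entries": [], "hits": None})
            rule["entries"].append(body)
            if hits is not None:
                rule["hits"] = (rule["hits"] or 0) + int(hits)
    return acls

def uncounted(acl):
    """Sequence numbers shown without a [match=N] counter."""
    return [seq for seq, rule in acl["rules"].items() if rule["hits"] is None]
```

On the plain output, uncounted() returns the object-group rule 1005, which is the cue to rerun the command with the expanded keyword before reading hit counts for that rule.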
Cisco Nexus 7000 Series Security Command Reference
show ip access-lists
779
