Counting Acl Hits - Dell Force10 S4810P Configuration Manual

Step Command Syntax
3
ip access-group
{ in | out } [ implicit-permit ] [ vlan
vlan-range
4
ip access-list [standard |
extended]
To view which IP ACL is applied to an interface, use the
as shown below or the
FTOS(conf-if)#show conf
!
interface GigabitEthernet 0/0
ip address 10.2.1.100 255.255.255.0
ip access-group nimule in
no shutdown
FTOS(conf-if)#
Use only Standard ACLs in the

Counting ACL Hits

You can view the number of packets matching the ACL by using the
entries. E-Series supports packet and byte counts simultaneously. C-Series and S-Series support only one
at any given time.
To view the number of packets matching an ACL that is applied to an interface:
Step Task
1 Create an ACL that uses rules with the count option. See
2 Apply the ACL as an inbound or outbound ACL on an interface. See
3 View the number of packets matching the ACL using the show ip accounting access-list from EXEC
Privilege mode.
118
| Access Control Lists (ACLs)
access-list-name
]
name
show running-config
access-class
Command Mode Purpose
INTERFACE Apply an IP ACL to traffic entering or exiting an
interface.
•
Note: The number of entries allowed per ACL is
hardware-dependent. Refer to your line card
documentation for detailed specification on entries
allowed per ACL.
INTERFACE Apply rules to the new ACL.
show config
command in the EXEC mode.
command to filter traffic on Telnet sessions.
Configure a standard IP ACL
out: configure the ACL to filter outgoing
traffic. This keyword is supported only on
E-Series.
command in the INTERFACE mode
option when creating ACL
count
Assign an IP ACL to an Interface