Counting Acl Hits - Dell Force10 C150 Configuration Manual

To apply an IP ACL (standard or extended) to a physical or port channel interface, use these commands in
the following sequence in the INTERFACE mode:
Step Command Syntax
interface interface slot/port
1
ip address
2
ip access-group
3
{ in | out } [ implicit-permit ] [ vlan
vlan-range
ip access-list [standard |
4
extended]
To view which IP ACL is applied to an interface, use the
INTERFACE mode or the
Figure 8-9. Command example:
FTOS(conf-if)#show conf
!
interface GigabitEthernet 0/0
ip address 10.2.1.100 255.255.255.0
ip access-group nimule in
no shutdown
FTOS(conf-if)#
Use only Standard ACLs in the

Counting ACL Hits

You can view the number of packets matching the ACL by using the
entries. E-Series supports packet and byte counts simultaneously. C-Series and S-Series support only one
at any given time.
To view the number of packets matching an ACL that is applied to an interface:
Step Task
1 Create an ACL that uses rules with the count option. See
2 Apply the ACL as an inbound or outbound ACL on an interface. See
page 147
148 | IP Access Control Lists (ACL), Prefix Lists, and Route-maps
ip-address
access-list-name
]
name
show running-config
access-class
Command Mode Purpose
CONFIGURATION Enter the interface number.
INTERFACE Configure an IP address for the interface, placing
it in Layer-3 mode.
INTERFACE Apply an IP ACL to traffic entering or exiting an
interface.
•
INTERFACE Apply rules to the new ACL.
show config
command in the EXEC mode.
in the INTERFACE Mode
show config
command to filter traffic on Telnet sessions.
Configure a standard IP ACL on page 140
out: configure the ACL to filter outgoing
traffic. This keyword is supported only on
E-Series.
Note: The number of entries allowed per
ACL is hardware-dependent. Refer to
your line card documentation for detailed
specification on entries allowed per ACL.
command (Figure 232)
count
option when creating ACL
Assign an IP ACL to an Interface on
in the