380 CHAPTER 12: SECURITY ACL COMMANDS
Table 72 Output of display security acl resource-usage
Field Description
Number of rules Number of security ACEs currently mapped to ports or
VLANs.
Number of leaf nodes Number of security ACL data entries stored in the rule tree.
Stored rule count Number of security ACEs stored in the rule tree.
Leaf chain count Number of chained security ACL data entries stored in the
rule tree.
Longest leaf chain Longest chain of security ACL data entries stored in the rule
tree.
Number of non-leaf
nodes
Number of nodes with no data entries stored in the rule tree.
Uncompressed Rule
Count
Number of security ACEs stored in the rule tree, including
duplicates—ACEs in ACLs applied to multiple ports, virtual
ports, or VLANs.
Maximum node
depth
Number of data elements in the rule tree, from the root to
the furthest data entry (leaf).
Sub-chain count Sum of action types represented in all security ACL data
entries.
PSCBs in primary
memory
Number of pattern search control blocks (PSCBs) stored in
primary node memory.
PSCBs in secondary
memory
Number of PSCBs stored in secondary node memory.
Leaves in primary Number of security ACL data entries stored in primary leaf
memory.
Leaves in secondary Number of ACL data entries stored in secondary leaf
memory.
Sum node depth Total number of security ACL data entries.
Fragmentation
control
Control value for handling fragmented IP packets.
Note: The current MSS version filters only the first packet of
a fragmented IP packet and passes the remaining fragments.
UC switchdest Control value for handling fragmented IP packets.
Note: The current MSS version filters only the first packet of
a fragmented IP packet and passes the remaining fragments.
Port number Control value for handling fragmented IP packets.
Note: The current MSS version filters only the first packet of
a fragmented IP packet and passes the remaining fragments.
Number of action
types
Number of actions that can be performed by ACLs. This
value is always 2, because ACLs can either permit or deny.