3Com WX2200 3CRWX220095A Switch User Manual


 
Creating and Committing a Security ACL 389
You can also view a specific security ACL. For example, to view acl-2, type
the following command:
WX1200# display security acl info acl-2
ACL information for acl-2
set security acl ip acl-2 (hits #1 0)
----------------------------------------------------
1. permit L4 Protocol 115 source IP 192.168.1.11 0.0.0.0 destination IP
192.168.1.15 0.0.0.0 precedence 0 tos 0 enable-hits
Displaying Security ACL Hits
Once you map an ACL, you can view the number of packets it has
filtered, if you included the keyword hits. (For information on setting hits,
see “Setting a Source IP ACL” on page 380.) Type the following
command:
WX1200# display security acl hits
ACL hit-counters
Index Counter ACL-name
----- -------------------- --------
1 0 acl-2
2 0 acl-999
5 916 acl-123
To sample the number of hits the security ACLs generate, you must
specify the number of seconds between samples. For example, to sample
the hits generated every 180 seconds, type the following commands:
WX1200# set security acl hit-sample-rate 180
WX1200# display security acl hits
ACL hit-counters
Index Counter ACL-name
----- -------------------- --------
1 31986 acl-red
2 0 acl-green
To display the security ACL hits on MAP 7, type the following command:
WX# display ap acl hits 7
ACL hit-counters for AP 7
Index Counter ACL-name
----- -------------------- --------
1 0 acl_2
2 0 acl_175
3 916 acl_123