Cisco Systems OL-5650-02 Switch User Manual


 
Chapter 1 Controlling CSS Access
Controlling CSS Network Traffic Through Access Control Lists
Cisco Content Services Switch Security Configuration Guide
OL-5650-02
Setting the Show ACL Counters to Zero
Use the zero counts command to reset the content and DNS hit counters in the
show acl command screen to zero for a specific ACL. You must be in an ACL to
use this command. The CSS clears counters only for that ACL.
The syntax and options for this command are:
(config-acl[7])# zero counts
Logging ACL Activity
When you configure the CSS to log ACL activity, it logs each event in which a
packet matches the clause and ACL. The CSS sends log information to the location
you specified in the logging command. For information on the logging command,
refer to the Cisco Content Services Switch Administration Guide.
Note: We do not recommend logging of an ACL or its clauses. If you enable ACL or
clause logging, it may degrade the performance of the CSS.
Before you configure logging for a specific ACL clause, ensure that global ACL
logging is enabled. To globally enable ACL logging, use the global configuration
mode logging subsystem acl level debug-7 command.
Because the CSS does not save the clause log enable command in the
running-config, you must reenable logging if the CSS reboots.
Table 1-3 Field Descriptions for the show acl Command Output (continued)

Field        Description
Router Hits  Increments for a packet directly forwarded to the CSS
             through a Telnet or FTP session or from a non-TCP or
             UDP packet
DNS Hits     Increments for a packet that matches an ACL clause for
             DNS flows