HP 6120G/XG HP ProCurve Series 6120 Blade Switches Access Security Guide - Page 384
Displaying the Current ACL Resources, Table 9-8.
View all HP 6120G/XG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 384 highlights
IPv4 Access Control Lists (ACLs) Displaying ACL Data Table 9-8. Descriptions of Data Types Included in Show Access-List < interface > Output Field Name Type Applied ID action IP Mask proto oper port(s) Log Description The ACL identifier. Can be a number from 1 to 199, or a name. Standard or Extended. The former uses only source IP addressing. The latter uses both source and destination IP addressing and also allows TCP or UDP port specifiers. "Yes" means the ACL has been applied to an interface. "No" means the ACL exists in the switch configuration, but has not been applied to any interfaces, and is therefore not in use. The sequential number of the Access Control Entry (ACE) in the specified ACL. Permit (forward) or deny (drop) a packet when it is compared to the criteria in the applicable ACE and found to match. In Standard ACLs: The source IP address to which the configured mask is applied to determine whether there is a match with a packet. In Extended ACLs: The source and destination IP addresses to which the corresponding configured masks are applied to determine whether there is a match with a packet. The mask configured in an ACE and applied to the corresponding IP address in the ACE to determine whether a packet matches the filtering criteria. Used only in extended ACLs to specify the packet protocol type to filter. Must be either IP, TCP, or UDP. Used only in extended ACLs where a TCP or UDP port type and number have been entered. Specifies how to compare the corresponding TCP or UDP port number in a packet to the port number in the ACE. Used only in extended ACLs to show any TCP or UDP port number that has been entered in the ACE. Shows the status of logging for the entry (ACE). A blank space indicates ACL logging is not enabled for that ACE. Displaying the Current ACL Resources Assigning an ACL to one or more interfaces reduces the available resources for those interfaces. (An unassigned ACL does not affect the rule count.) This command displays the current rules and resources used on the switch. For more information on rule and mask usage, refer to "Planning an ACL Applica tion" on page 9-17. Syntax: show access-list resources Displays the rules and resources that have been used on the switch. For more information, refer to "ACL Resource Usage and Monitoring" on page 9-17. 9-60