Technical data
BLADE OS 5.1 Application Guide
BMD00136, November 2009 Chapter 7: Quality of Service
105
Viewing ACL Statistics
ACL statistics display how many packets hit (matched) each ACL. Use ACL statistics to check
filter performance, and debug the ACL filters.
You must enable statistics for each ACL that you want to monitor.
ACL Configuration Examples
ACL Example 1
Use this configuration to block traffic to a specific host. All traffic that ingresses on port 1 is denied
if it is destined for the host at IP address 100.10.1.1
1. Configure an Access Control List.
2. Add ACL 1 to port 1.
ACL Example 2
Use this configuration to block traffic from a network destined for a specific host address. All traffic
that ingresses in port 2 with source IP from the class 100.10.1.0/24 and destination IP 200.20.2.2 is
denied.
1. Configure an Access Control List.
2. Add ACL 2 to port 2.
>> # access-control list <ACL number> statistics
>> # access-control list 1 ipv4 destination-ip-address 100.10.1.1
>> # access-control list 1 action deny
>> # interface port 1
>> # access-control list 1
>> # access-control list 2 ipv4 source-ip-address 100.10.1.0
255.255.255.0
>> # access-control list 2 ipv4 destination-ip-address 200.20.2.2
255.255.255.255
>> # access-control list 1 action deny
>> # interface port 2
>> # access-control list 2