display packet-filter

Use display packet-filter to display whether an ACL has been successfully applied to an interface for packet filtering.

Syntax

display packet-filter { interface [ interface-type interface-number ] [ inbound | outbound ] | interface vlan-interface vlan-interface-number [ inbound | outbound ] [ slot slot-number ] }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface [ interface-type interface-number ]: Specifies an interface by its type and number. VLAN interfaces are not supported. If you do not specify an interface, this command displays ACL application information on all interfaces except VLAN interfaces for packet filtering.

interface vlan-interface vlan-interface-number: Specifies a VLAN interface by its number.

inbound: Specifies the inbound direction.

outbound: Specifies the outbound direction.

slot slot-number: Specifies an IRF member device. The slot-number argument represents the member ID of the IRF member device. If you do not specify an IRF member device, this command displays ACL application information for packet filtering on the master device.

Usage guidelines

If neither the inbound keyword nor the outbound keyword is specified, this command displays the ACL application information for both inbound and outbound packet filtering.

Examples

# Display ACL application information for inbound packet filtering on interface GigabitEthernet 1/0/1.

<Sysname> display packet-filter interface gigabitethernet 1/0/1 inbound
Interface: GigabitEthernet1/0/1
In-bound policy:                                                               
  ACL 2001, Hardware-count                                                      
  ACL6 2002                                                                     
  IPv4 default action: Deny                                                     
  IPv6 default action: Deny                                                     

Table 2: Command output

Field

Description

Interface

Interface to which the ACL applies.

In-bound policy

ACL used for filtering incoming traffic.

Out-bound policy

ACL used for filtering outgoing traffic.

ACL 2001

IPv4 basic ACL 2001 has been successfully applied.

Hardware-count

Successfully enables counting ACL rule matches.

IPv4 default action

Packet filter default action for packets that do not match any IPv4 ACLs. This field is displayed only when the default action is deny.

IPv6 default action

Packet filter default action for packets that do not match any IPv6 ACLs. This field is displayed only when the default action is deny.

MAC default action

Packet filter default action for packets that do not match any Ethernet frame header ACLs. This field is displayed only when the default action is deny.