display packet-filter verbose

Use display packet-filter verbose to display application details of ACLs for packet filtering.

Syntax

display packet-filter verbose interface interface-type interface-number { inbound | outbound } [ [ ipv6 ] { acl-number | name acl-name } ] [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

inbound: Specifies the inbound direction.

outbound: Specifies the outbound direction.

ipv6: Specifies IPv6 ACLs.

acl-number: Specifies an ACL by its number.

name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string of 1 to 63 characters. It must start with an English letter.

slot slot-number: Specifies an IRF member device. The slot-number argument represents the ID of the IRF member device. If you do not specify an IRF member device, this command displays ACL application details for packet filtering on the master device.

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify this option, this command displays ACL application details for packet filtering on the master device.

Usage guidelines

If neither acl-number nor name acl-name is specified, this command displays application details of all ACLs for packet filtering.

Examples

# Display application details of all ACLs for inbound packet filtering on GigabitEthernet 1/0/1.

<Sysname> display packet-filter verbose interface gigabitethernet 1/0/1 inbound
Interface: GigabitEthernet1/0/1
 In-bound policy:
  ACL 2001, Hardware-count 
   rule 0 permit
   rule 5 permit source 1.1.1.1 0 

  ACL6 2000, Hardware-count
   rule 0 permit

  ACL 4000, Hardware-count

  IPv4 default action: Deny

  IPv6 default action: Deny

  MAC default action: Deny

Table 5: Command output

Field

Description

Interface

Interface to which the ACL applies.

In-bound policy

ACL used for filtering incoming traffic.

Out-bound policy

ACL used for filtering outgoing traffic.

ACL 2001

IPv4 basic ACL 2001 has been successfully applied.

Hardware-count

Successfully enables counting ACL rule matches.

IPv4 default action

Packet filter default action for packets that do not match any IPv4 ACLs. This field is displayed only when the default action is deny.

IPv6 default action

Packet filter default action for packets that do not match any IPv6 ACLs. This field is displayed only when the default action is deny.

MAC default action

Packet filter default action for packets that do not match any Ethernet frame header ACLs. This field is displayed only when the default action is deny.