display packet-filter verbose
Use display packet-filter verbose to display application details of ACLs for packet filtering.
Syntax
display packet-filter verbose interface interface-type interface-number { inbound | outbound } [ [ ipv6 ] { acl-number | name acl-name } ] [ slot slot-number ]
Views
Any view
Predefined user roles
network-admin
network-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number.
inbound: Specifies the inbound direction.
outbound: Specifies the outbound direction.
ipv6: Specifies IPv6 ACLs.
acl-number: Specifies an ACL by its number.
2000 to 2999 for basic ACLs.
3000 to 3999 for advanced ACLs.
4000 to 4999 for Ethernet frame header ACLs. You cannot specify an Ethernet frame header ACL if the ipv6 keyword is specified.
name acl-name: Specifies an ACL by its name. The acl-name argument is a case-insensitive string of 1 to 63 characters. It must start with an English letter.
slot slot-number: Specifies an IRF member device. The slot-number argument represents the ID of the IRF member device. If you do not specify an IRF member device, this command displays ACL application details for packet filtering on the master device.
slot slot-number: Specifies an IRF member device by its member ID. If you do not specify this option, this command displays ACL application details for packet filtering on the master device.
Usage guidelines
If neither acl-number nor name acl-name is specified, this command displays application details of all ACLs for packet filtering.
Examples
# Display application details of all ACLs for inbound packet filtering on GigabitEthernet 1/0/1.
<Sysname> display packet-filter verbose interface gigabitethernet 1/0/1 inbound Interface: GigabitEthernet1/0/1 In-bound policy: ACL 2001, Hardware-count rule 0 permit rule 5 permit source 1.1.1.1 0 ACL6 2000, Hardware-count rule 0 permit ACL 4000, Hardware-count IPv4 default action: Deny IPv6 default action: Deny MAC default action: Deny
Table 5: Command output
Field | Description |
---|---|
Interface | Interface to which the ACL applies. |
In-bound policy | ACL used for filtering incoming traffic. |
Out-bound policy | ACL used for filtering outgoing traffic. |
ACL 2001 | IPv4 basic ACL 2001 has been successfully applied. |
Hardware-count | Successfully enables counting ACL rule matches. |
IPv4 default action | Packet filter default action for packets that do not match any IPv4 ACLs. This field is displayed only when the default action is deny. |
IPv6 default action | Packet filter default action for packets that do not match any IPv6 ACLs. This field is displayed only when the default action is deny. |
MAC default action | Packet filter default action for packets that do not match any Ethernet frame header ACLs. This field is displayed only when the default action is deny. |