Is it possible to provide a user a filtered output from the access-list command .
The problem is we manage a customer router and we don't allow the customer to run the show ip access-list command as it contains our access-list too. The customer insists on having this command available..is there any option to provide him a clean output of this command.
His main goal is to see the number of hits per access-list.
Any help would be surely appreciated
As far as I know the only way to see the hitcount/matches is with the show access-list command. You could perhaps get close to that by adding the log option to the customer access list (but not your access list). Then the customer could see in syslog the activity of their access list. I would not recommend this approach but it is the closest that I can think of to giving you what you are asking about.