Access-list question

Answered Question
Dec 10th, 2007

When I do a show access-list on my 6509 I have the following entries:

deny x.x.x.x , wildcard bits x.x.x.x (6 matches) check=4219

I know the matches info is provided when you put the 'log' entry in the config. But under some of the standard acl, it will list this "check=" info. I haven't been able to find any info on it. Anybody know what it is?

Thanks!

I have this problem too.
0 votes
Correct Answer by mheusing about 9 years 1 month ago

Hi,

From "Cisco IOS Security Command Reference, Release 12.2SX" for the command "show access-lists"

http://www.cisco.com/en/US/products/ps6017/products_command_reference_chapter09186a00808ab5a8.html#wp1012026

"An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match. "

Hope this helps! Please use the rating system.

Regards, Martin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
mheusing Tue, 12/11/2007 - 09:19

Hi,

From "Cisco IOS Security Command Reference, Release 12.2SX" for the command "show access-lists"

http://www.cisco.com/en/US/products/ps6017/products_command_reference_chapter09186a00808ab5a8.html#wp1012026

"An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match. "

Hope this helps! Please use the rating system.

Regards, Martin

Actions

This Discussion