Access-list question

Answered Question
Dec 10th, 2007
User Badges:

When I do a show access-list on my 6509 I have the following entries:


deny x.x.x.x , wildcard bits x.x.x.x (6 matches) check=4219


I know the matches info is provided when you put the 'log' entry in the config. But under some of the standard acl, it will list this "check=" info. I haven't been able to find any info on it. Anybody know what it is?


Thanks!

Correct Answer by mheusing about 9 years 5 months ago

Hi,


From "Cisco IOS Security Command Reference, Release 12.2SX" for the command "show access-lists"

http://www.cisco.com/en/US/products/ps6017/products_command_reference_chapter09186a00808ab5a8.html#wp1012026


"An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match. "


Hope this helps! Please use the rating system.


Regards, Martin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
mheusing Tue, 12/11/2007 - 09:19
User Badges:
  • Cisco Employee,

Hi,


From "Cisco IOS Security Command Reference, Release 12.2SX" for the command "show access-lists"

http://www.cisco.com/en/US/products/ps6017/products_command_reference_chapter09186a00808ab5a8.html#wp1012026


"An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match. "


Hope this helps! Please use the rating system.


Regards, Martin

Actions

This Discussion