access-list hitcount

Unanswered Question
Jan 4th, 2008

Hi,

I want to see the hitcount on access-list

that has a remark statement

access-list edn_acl line 20 remark RA_ACL extended permit ip 172.28.37.0 255.255.255.0 172.28.64.0 255.255.255.0

this access-list working fine. but i cant see the hitcount as i can see on another acl

access-list edn_acl line 28 extended permit ip host 172.31.205.110 any (hitcnt=5) 0x7807eff6

this is easy to troubleshoot. but now i cant see the hitcount.

Kindly tell me how to see the hitcount.

waiting for reply.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
acomiskey Fri, 01/04/2008 - 07:44

Once you add the "remark" keyword, that acl is nothing more than a comment. Therefore it will never be hit and you won't see a hitcount.

wasiimcisco Fri, 01/04/2008 - 07:50

hi,

u mean to say this acl is not working. and it is useless/unfunction. very strange. Kindly tell me shall i remove the "remark" so that it can start working. If "remark" make the acl useless and unfunction then why cisco give us this option.

r.sneekes Fri, 01/04/2008 - 07:46

As the line is an remark the pix won't do anything with it. It's not an active access-list enty so it can't get hitcount.

only way to get hitcount it to remove the remark statement thus making the acl line active.

acomiskey Fri, 01/04/2008 - 07:55

Yes, you can remove the remark or add the same statement without the remark below it.

The option is there so you can do something like this...

access-list edn_acl remark The following line is for something I may not remember so I want to comment it

access-list edn_acl remark RA_ACL extended permit ip 172.28.37.0 255.255.255.0 172.28.64.0 255.255.255.0

wasiimcisco Fri, 01/04/2008 - 08:07

Thanks for the reply,

but i have so many acl on my firewall and it is difficult for me to remember all acl and their ip.

But by adding remark on these acl it make these acl UNFUNCTION.

If i want to make them functining i have to remove the remark.(am i right ??????)

Actions

This Discussion