cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
375
Views
0
Helpful
2
Replies

Access-list question

Neuromancer
Level 1
Level 1

When I do a show access-list on my 6509 I have the following entries:

deny x.x.x.x , wildcard bits x.x.x.x (6 matches) check=4219

I know the matches info is provided when you put the 'log' entry in the config. But under some of the standard acl, it will list this "check=" info. I haven't been able to find any info on it. Anybody know what it is?

Thanks!

1 Accepted Solution

Accepted Solutions

mheusing
Cisco Employee
Cisco Employee

Hi,

From "Cisco IOS Security Command Reference, Release 12.2SX" for the command "show access-lists"

http://www.cisco.com/en/US/products/ps6017/products_command_reference_chapter09186a00808ab5a8.html#wp1012026

"An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match. "

Hope this helps! Please use the rating system.

Regards, Martin

View solution in original post

2 Replies 2

mheusing
Cisco Employee
Cisco Employee

Hi,

From "Cisco IOS Security Command Reference, Release 12.2SX" for the command "show access-lists"

http://www.cisco.com/en/US/products/ps6017/products_command_reference_chapter09186a00808ab5a8.html#wp1012026

"An access list counter counts how many packets are allowed by each line of the access list. This number is displayed as the number of matches. Check denotes how many times a packet was compared to the access list but did not match. "

Hope this helps! Please use the rating system.

Regards, Martin

Thanks!!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco