Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ACL (xxx matches) Question???

What exactly does the '1234 matches' mean...???

deny tcp any any eq smtp (171131 matches)

Is this basically saying there were 171131 attempts to use smtp so this is how many times traffic matched this statement and was denied?

Thanks

3 REPLIES
Gold

Re: ACL (xxx matches) Question???

to be more exact, there were 171131 packets that matched on this ACL (assuming other ACE's above it didn't stop a packet that would have matched on this one).

New Member

Re: ACL (xxx matches) Question???

deny icmp any any (21704 matches)

deny tcp any any eq smtp (171131 matches)

deny tcp any any eq nntp

deny tcp any any eq 135

deny tcp any any eq 139 (39 matches)

That's the beginning of this ACL, so are you saying that 21704 matched the deny icmp rule, then 171131 matches that made it past there matched the deny smtp rule...???

Sorry if this is sounding like a dumb question, but just trying to understand exactly what the 'matches' are implying.

Re: ACL (xxx matches) Question???

It means that there were 21704 packets that matched the first ACE, and were dropped without being compared to any of the remaining ACEs in the ACL.

There were 171131 packets that matched the second ACE, and were dropped without being compared to any of the remaining ACEs in the ACL.

For a packet to be compared to the second ACE, it would be necessary for it NOT to have matched any preceding ACEs.

216
Views
0
Helpful
3
Replies