ASA - Looking at ACL's (0xdec67386)

ert021 · ‎09-13-2006

Hey guys, this may be a silly question but what are the HEX numbers after the ACL all about? Can you use them to tie the ACCESS list hit with the line in the ASA? That would be cool. Thanks.

access-list inside-in line 8 extended permit tcp any any eq www (hitcnt=176581) 0xdec67386

thomas.chen · ‎09-19-2006

The general format is hostname(config)# access-list access_list_name [line line_number] [extended] {deny | permit} protocol source_address mask [operator port] dest_address mask [operator port | icmp_type] [inactive].There is no hexadecimal number in picture.Refer the following URL for more information on the access list

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080450bf0.html

ajagadee · ‎09-19-2006

Richard,

The hex number does not show up on 7.0. But, when I checked with 7.1 it does show up when you do a "show access-list". The interesting part is, the Hex number does not show up in the running configuration.

So, my guess is, the hex number is used to reference the access-list in memory. But, I dont see this documented anywhere in the Pix/ASA Documentation.

Having said that, I am not sure how much you could do with the Hex Number.

I hope it helps.

Regards,

Arul