
Rules Extraction from PIX 515 (PIX Ver:7.0)

huynhkhay
Level 1

Hi,

I have a lot of Access Rules configured in my PIX515 and since I'm not the person in charge of this Firewall since the beginning, I'm getting lost with all these rules...

I saw somewhere that you can "extract" rules and for each rule, get how many times the rule was used.

for example:

3 tcp any any eq www (856)

4 udp any any eq domain (732249)

etc

With that, I can find the rules which are not used...

Do you know how I can do that (obtain these statistics)? Should I use a software or is there a command in the PIX to get this particular information?

Thank you in advance for your help!

Accepted Solutions

Patrick Iseli
Level 7

Just execute the following command in the command line interface.

show access-list

You will see behind each line the hitcount number, which indicates how many times that ACL was hit.

Reference:

http://www.cisco.com/en/US/products/ps6120/products_configuration_guide_chapter09186a0080637380.html#wp1078130

sincerely

Patrick
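
The unused-rule check asked about in the question, applied to saved `show access-list` output, as an added example that is not part of the original posts. The sample output is constructed, the function names are hypothetical, and the code assumes each entry has the form `access-list <name> line <n> ... (hitcnt=N)`, with expanded object-group entries sharing their parent's line number.

```python
import re

# Constructed sample of `show access-list` output (not captured from a real device).
SAMPLE = """\
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
            alert-interval 300
access-list outside_in; 4 elements
access-list outside_in line 1 extended permit tcp any any eq www (hitcnt=856)
access-list outside_in line 2 extended permit udp any any eq domain (hitcnt=732249)
access-list outside_in line 3 extended permit tcp any host 192.0.2.10 eq smtp (hitcnt=0)
access-list outside_in line 4 extended deny ip any any (hitcnt=12)
access-list dmz_in; 1 elements
access-list dmz_in line 1 extended permit tcp host 192.0.2.20 any eq ftp (hitcnt=0)
"""

# One access control entry: ACL name, line number, rule text, hit counter.
# Summary lines ("...; 4 elements") have no "line <n>" part and are skipped.
ACE = re.compile(
    r"^\s*access-list\s+(?P<acl>\S+)\s+line\s+(?P<line>\d+)\s+"
    r"(?P<rule>.+?)\s+\(hitcnt=(?P<hits>\d+)\)"
)


def parse_hitcounts(text):
    """Return {(acl, line): [rule_text, total_hits]} in output order."""
    rules = {}
    for raw in text.splitlines():
        m = ACE.match(raw)
        if not m:
            continue
        key = (m["acl"], int(m["line"]))
        # Assumption: entries repeating a line number are object-group
        # expansions of the same rule, so their counters are added up.
        entry = rules.setdefault(key, [m["rule"], 0])
        entry[1] += int(m["hits"])
    return rules


def unused_rules(text):
    """List (acl, line, rule_text) for every rule whose counter is zero."""
    return [(acl, line, rule)
            for (acl, line), (rule, hits) in parse_hitcounts(text).items()
            if hits == 0]


if __name__ == "__main__":
    for acl, line, rule in unused_rules(SAMPLE):
        print(f"{acl} line {line}: {rule}")
```

A zero counter only shows that nothing has matched the rule since its counter last started from zero, so collect output over a representative period before removing anything.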

Hi Patrick,

Thank you very much, it was exactly what I was looking for.

bye

Hi,

I have one more question:

The "Hitcnt" that the "show access-list" command indicates, is it the hitcount since my PIX is UP? Or since another date?
