470Security ACL Commands

commit security acl on page 452

set mac-user attr on page 197

set mac-usergroup attr on page 203

set security acl on page 454

set user attr on page 207

set usergroup on page 208

show security acl map on page 464

set security acl hit-sample-rate

Specifies the time interval, in seconds, at which the packet counter for each security ACL is sampled for display. The counter counts the number of packets filtered by the security ACL—or “hits.”

Syntax set security acl hit-sample-rate seconds

seconds

Number of seconds between samples. A sample rate of 0 (zero) disables

 

the sample process.

Defaults By default, the hits are not sampled.

Access Enabled.

 

History

 

Version 4.1

Syntax changed from hit-sample-rate seconds to set security

 

acl hit-sample-rateseconds, to allow the command to be saved

 

in the configuration file.

Usage To view counter results for a particular ACL, use the show security acl info acl-namecommand. To view the hits for all security ACLs, use the show security acl hits command.

Examples The first command sets WSS Software to sample ACL hits every 15 seconds. The second and third commands display the results. The results show that 916 packets matching security acl_153 were sent since the ACL was mapped.

WSS# set security acl hit-sample-rate 15

WSS# show security acl info acl_153

ACL information for acl_153

set security acl ip acl_153 (hits #3 916)

---------------------------------------------------------

1. permit IP source IP 20.1.1.1 0.0.0.0 destination IP any enable-hits

NN47250-100 (Version 02.51)

Page 470
Image 470
Nortel Networks 2300 Series manual Set security acl hit-sample-rate, Syntax set security acl hit-sample-rate seconds