How can I view the ACL hit count configured on the packet filtering firewall

1


  1. In the system view, run the traffic classifier classifier-name command to create a traffic classifier and access the traffic classifier view. Run the if-match acl { acl-number | acl-name } command to configure ACL rules for traffic classification.
  2. In the system view, run the traffic behavior behavior-name command to create a traffic behavior and access the traffic behavior view. Run the statistic enable command to enable the traffic statistics function.
  3. In the system view, run the traffic policy policy-name command to create a traffic policy and access the traffic policy view. Run the classifier classifier-name behavior behavior-name command to associate a traffic classifier and a traffic behavior with the traffic policy.
  4. In the interface view, run the traffic-policy policy-name inbound command.
  5. Run the display traffic policy statistics interface interface-type interface-number inbound verbose rule-base command to view the ACL hit count configured on the packet filtering firewall.

Other related questions:
How to query the ACL hit count configured for the packet filtering firewall
1. Run the traffic classifier classifier-name command in the system view to create a traffic classifier and access the traffic classifier view. Run the if-match acl { acl-number | acl-name } command to configure rules for matching the traffic classifier. 2. Run the traffic behavior behavior-name command in the system view to create a traffic behavior and access the traffic behavior view. Run the statistic enable command to enable the traffic statistics function. 3. Run the traffic policy policy-name command in the system view to create a traffic policy and access the traffic policy view. Run the classifier classifier-name behavior behavior-name command to associate the traffic classifier with the behavior in the policy. 4. Run the traffic-policy policy-name inbound command in the interface view where count is needed. 5. Run the display traffic policy statistics interface interface-type interface-number inbound verbose rule-base command to query the ACL hit count configured for the packet filtering firewall on the interface.

Query the ACL hit count configured for the packet filtering firewall on an AR router
To query the ACL hit count configured for the packet filtering firewall on an AR router, do as follows: 1. Run the traffic classifier classifier-name command in the system view to create a traffic classifier and access the traffic classifier view. Run the if-match acl { acl-number | acl-name } command to configure rules for matching the traffic classifier. 2. Run the traffic behavior behavior-name command in the system view to create a traffic behavior and access the traffic behavior view. Run the statistic enable command to enable the traffic statistics function. 3. Run the traffic policy policy-name command in the system view to create a traffic policy and access the traffic policy view. Run the classifier classifier-name behavior behavior-name command to associate the traffic classifier with the behavior in the policy. 4. Run the traffic-policy policy-name inbound command in the interface view where count is needed. 5. Run the display traffic policy statistics interface interface-type interface-number inbound verbose rule-base command to query the ACL hit count configured for the packet filtering firewall on the interface.

Configure the ACL-based packet filtering firewall on an AR router
The packet filtering firewall filters packets based on a configured ACL. If data flows occur between two security zones, the packet filtering firewall implements filter policies according to ACL rules. In the system view: Run the acl [ number ] acl-number [ match-order { config | auto } ] command to create an ACL and access the ACL view. Note: The ACLs that can be used by the packet filtering firewall include basic ACLs and advanced ACLs. Run the rule command in the ACL view to configure ACL rules. Run the quit command to return to the system view. Run the firewall interzone zone-name1 zone-name2 command to access the interzone view. Run the packet-filter acl-number { inbound | outbound } command to configure the ACL-based packet filtering firewall. The ACL-based packet filtering firewall configured for the interzone can be specific to the inbound and outbound directions, respectively. For details about the commands for configuring the ACL-based packet filtering firewall of AR series routers, see the URL: The AR router configures the ACL packet filtering firewall.

Methods of configuring the ACL for a WLAN device
ACL is essentially a packet filter whose rules act as the filter core. The device matches packets based on these rules to filter specific packets, and allows the filtered packets to pass or prevent them from passing according to the processing policies of the service module on which the ACL is applied. Currently, the ACLs on WLAN devices are classified into basic ACL (2000-2999), advanced ACL (3000-3999), Layer 2 ACL (4000-4999), user ACL (6000-9999), basic ACL 6 (2000-2999), and advanced ACL 6 (3000-3999). Fat APs do not support basic ACL 6 and advanced ACL 6. For more information about the ACL of Huawei WLAN devices, see: V200R005: ACL Configuration in AC6605&AC6005&ACU2(AC&FITAP) Product Documentation . V200R006: ACL Configuration in AC6605&AC6005&ACU2(AC&FITAP)Product Documentation.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top