10-21-2010 08:47 AM - edited 03-11-2019 11:58 AM
Hi
I have a FWSM 4.1.3 running A/A and on one of the contexts when I issues "show access-list", has many of the hitcnt=*
This only seems to occur when the ACL references an object-group, that has a name in it.
eg:
name 1.1.1.10 host1
object-group network networks1
network host 1.1.1.1
network host host1
access-list acl1 per ip object-group networks1 any
show access-list
access-list acl1 line 1 permit ip host 1.1.1.1 any (hitcnt=50)
access-list acl1 line 2 permit ip host host1 any (hitcnt=*)
Now, I can sucessfully pass traffic through this on line 2, but the counter doesn't incrememt.
I've checked the bug tracker, which I can't find anything like this related to the code I'm running.
Is this cosmetic???
thank you.
Solved! Go to Solution.
10-21-2010 09:12 AM
Hi,
You'll see the * when ACL optimization is enabled on the FWSM. The * indicates that the rule was merged with another rule(s) due to the optimization, which would make the hitcount for that specific rule inaccurate on its own.
Federico.
10-21-2010 09:12 AM
Hi,
You'll see the * when ACL optimization is enabled on the FWSM. The * indicates that the rule was merged with another rule(s) due to the optimization, which would make the hitcount for that specific rule inaccurate on its own.
Federico.
10-21-2010 09:25 AM
Nice one Coto!!!
:-)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide