Viewing the hit counts for access control entries

Prerequisites

You must be in the manager (#) command context: switch#

Procedure

To view the hit counts, enter:

show access-list hitcounts {ip|ipv6|mac} <ACL-NAME> [interface <ID> [{in|out}]]

Use the {ip|ipv6|mac} parameters to limit display of the hit counts from either IPv4, IPv6 or MAC ACLs.
Use the [<ACL-NAME>] parameter to limit display of the hit counts from a specific named ACL.
Use the [interface <ID>] parameters to display the hit counts for a specific interface.

Use the [{in|out}] parameters to limit display of the hit counts from inbound (ingress) ACLs or outbound (egress) ACLs.

Displaying the hit counts for ACLs:

switch# show access-list hitcounts ip MY_ACL interface 1/1/1
Statistics for ACL MY_ACL (ipv4):
Interface 1/1/1 (in):
           Hit Count  Configuration
                   -  10 permit udp any 172.16.1.0/24
                   -  20 permit tcp 172.16.2.0/16 lt 1023 any
                   -  30 permit tcp 172.26.1.0/24 any tcp-syn tcp-ack dscp 10
                   0  40 deny any any any count