S Commands
statistics per-entry
To start recording statistics for how many packets are permitted or denied by each entry in an IP, a MAC
access control list (ACL), or a VLAN access-map entry, use the statistics per-entry command. To stop
recording per-entry statistics, use the no form of this command.
statistics per-entry
no statistics per-entry
Syntax Description
This command has no arguments or keywords.
Command Default
None
Command Modes
IP access-list configuration
IPv6 access-list configuration
MAC access-list configuration
VLAN access-map configuration
Command History
Release
4.0(3)
4.0(1)
Usage Guidelines
When the device determines that an IPv4, IPv6, MAC, or VLAN ACL applies to a packet, it tests the packet
against the conditions of all entries in the ACLs. ACL entries are derived from the rules that you configure
with the applicable permit and deny commands. The first matching rule determines whether the packet is
permitted or denied. Enter the statistics per-entry command to start recording how many packets are permitted
or denied by each entry in an ACL.
Statistics are not supported if the DHCP snooping feature is enabled.
The device does not record statistics for implicit rules. To record statistics for these rules, you must explicitly
configure an identical rule for each implicit rule. For more information about implicit rules, see the following
commands:
• ip access-list
• ipv6 access-list
• mac access-list
To view per-entry statistics, use the show access-lists command or the applicable following command:
Modification
Changed command from statistics to statistics per-entry.
This command was introduced.
Cisco Nexus 7000 Series Security Command Reference
statistics per-entry
671