Configuring and managing security ACLs 421Nortel WLAN—Security Switch 2300 Series Configuration GuideViewing security ACL detailsYou can display the contents of one or all security ACLs that are committed. To display the contents of all committedsecurity ACLs, type the following command:WSS# show security acl infoACL information for allset security acl ip acl-999 (hits #2 0)----------------------------------------------------1. deny IP source IP 192.168.0.1 0.0.0.0 destination IP any2. permit IP source IP 192.168.0.2 0.0.0.0 destination IP any enable-hitsset security acl ip acl-2 (hits #1 0)----------------------------------------------------1. permit L4 Protocol 115 source IP 192.168.1.11 0.0.0.0 destination IP 192.168.1.15 0.0.0.0precedence 0 tos 0 enable-hitsYou can also view a specific security ACL. For example, to view acl-2, type the following command:WSS# show security acl info acl-2ACL information for acl-2set security acl ip acl-2 (hits #1 0)----------------------------------------------------1. permit L4 Protocol 115 source IP 192.168.1.11 0.0.0.0 destination IP 192.168.1.15 0.0.0.0precedence 0 tos 0 enable-hitsDisplaying security ACL hitsOnce you map an ACL, you can view the number of packets it has filtered, if you included the keyword hits. (For infor-mation on setting hits, see “Setting a source IP ACL” (page 411).) Type the following command:WSS# show security acl hitsACL hit-countersIndex Counter ACL-name-------------------- ---------------1 0 acl-22 0 acl-9995 916 acl-123To sample the number of hits the security ACLs generate, you must specify the number of seconds between samples. Forexample, to sample the hits generated every 180 seconds, type the following commands:WSS# set security acl hit-sample-rate 180WSS# show security acl hitsACL hit-countersIndex Counter ACL-name------------------- --------------1 31986 acl-red2 0 acl-green