F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Access Control Command Reference-6PW100
8
display acl
Use display acl to display configuration and match statistics for IPv4 basic, IPv4 advanced, and Ethernet
frame header ACLs.
Syntax
display acl { acl-number | all | name acl-name } [ | { begin | exclude | include } regular-expression ]
Views
Any view
Default command level
1: Monitor level
Parameters
acl-number: Specifies an ACL by its number:
• 2000 to 2999 for IPv4 basic ACLs
• 3000 to 3999 for IPv4 advanced ACLs
• 4000 to 4999 for Ethernet frame header ACLs
all: Displays information for all IPv4 basic, IPv4 advanced, and Ethernet frame header ACLs.
name acl-name: Specifies an ACL by its name. The acl-name argument takes a case-insensitive string of
1 to 63 characters. It must start with an English letter.
|: Filters command output by specifying a regular expression. For more information about regular
expressions, see Getting Started Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Usage guidelines
This command displays ACL rules in config or depth-first order, whichever is configured.
Examples
# Display configuration and match statistics for all IPv4 basic, IPv4 advanced, and Ethernet frame
header ACLs.
<Sysname> display acl all
Basic ACL 2000, named flow, 3 rules,
This is an IPv4 basic ACL.
ACL's step is 5
rule 0 permit
rule 5 permit source 1.1.1.1 0 (2 times matched)
rule 10 permit vpn-instance mk
Basic ACL 2001, named -none-, 3 rules, match-order is auto,
ACL's step is 5
rule 10 permit vpn-instance rd
rule 10 comment This rule is used in VPN rd.