Your browser failed to load CSS style sheets. Your browser or web proxy might not support elliptic-curve TLS

Building network automation solutions

9 module online course

Start now!
back to overview

Show IP access lists attached to an interface

When developing yet another Tcl script, I've stumbed across an interesting show command: the show ip access-list interface name introduced in IOS release 12.4(6)T displays the contents of the inbound and outbound IP access-list applied to the specified interface. The really nice part is that the ACL statistics (number of matches displayed next to the ACL lines) are kept and displayed per-interface.For example, this is the printout from one of my test routers:
R2#show ip access-list 101
Extended IP access list 101
10 permit ip any any (1900 matches)
R2#show ip access-list interface tunnel 0
Extended IP access list ICMP in
10 deny icmp any host echo
20 deny icmp any host echo
30 permit ip any any (2279 matches)
Extended IP access list 101 out
10 permit ip any any (10 matches)

Please read our Blog Commenting Policy before writing a comment.

1 comment:

  1. Excellent.

    Have you covered access-lists applied to Tunnel interfaces?


Constructive courteous comments are most welcome. Anonymous trolling will be removed with prejudice.