ACL Operational Commands

ACL Show Commands

Syntax:

show acl <option>

Option Description

-

Without any option, this command displays brief information about the access control list (ACL).

detail

Displays detailed information about the access-control list (ACL).

type <acl_type>

Displays detailed information for the specified ACL type.

rule <acl-rule-name>

Displays detailed information for the specified ACL rule name.

ordinal <ordinal>

Displays detailed information for the specified Ordinal.

type <acl_type> rule <rule_name>

Displays detailed information for the specified ACL Type and Rule name.

type <acl_type> ordinal <ordinal>

Displays detailed information for the specified ACL Type and Ordinal.

rule <rule_name> type <acl_type>

Displays detailed information for the specified ACL Type and Rule name.

rule <rule_name> ordinal <ordinal>

Displays detailed information for the specified Rule name and Ordinal.

ordinal <ordinal> type <acl_type>

Displays detailed information for the specified ACL type and ordinal.

ordinal <ordinal> rule <rule_name>

Displays detailed information for the specified rule name and ordinal.

type <acl_type> rule <rule_name> ordinal <ordinal>

Displays detailed information for the specified Ordinal, ACL type and rule name.

type <acl_type> ordinal <ordinal> rule <rule_name>

Displays detailed information for the specified Ordinal, ACL type and rule name.

rule <rule_name> ordinal <ordinal> type <acl_type>

Displays detailed information for the specified Ordinal, ACL type and rule name.

rule <rule_name> type <acl_type> ordinal <ordinal>

Displays detailed information for the specified Ordinal, ACL type and rule name.

ordinal <ordinal> rule <rule_name> type <acl_type>

Displays detailed information for the specified Ordinal, ACL type and rule name.

ordinal <ordinal> type <acl_type> rule <rule_name>

Displays detailed information for the specified Ordinal, ACL type and rule name.

Example 1: Show information about ACLs

supervisor@rtbrick.net: op> show acl
ACL                          Ordinal  Type           Attach Point   Priority   Policer Name
lldp.ifp-0/0/21.trap.rule          0  l2             ifp-0/0/21           50   _DEFAULT_POLICER_LLDP_GLOBAL_10MB
lldp.ifp-0/0/21.trap.rule          1  l2             ifp-0/0/21           50   _DEFAULT_POLICER_LLDP_GLOBAL_10MB
lldp.ifp-0/0/21.trap.rule          2  l2             ifp-0/0/21           50   _DEFAULT_POLICER_LLDP_GLOBAL_10MB
BNG_RADIUS-v4-auth-trap            -  l3v4           -                    50   _DEFAULT_POLICER_20_MB
MFC_GLOBAL_TRAFFIC               102  multifield_ipv4-                   500   -
lldp.ifp-0/0/4.trap.rule           0  l2             ifp-0/0/4            50   _DEFAULT_POLICER_LLDP_GLOBAL_10MB
lldp.ifp-0/0/4.trap.rule           1  l2             ifp-0/0/4            50   _DEFAULT_POLICER_LLDP_GLOBAL_10MB

Example 2: Show detailed information about ACLs

supervisor@rtbrick>LEAF01: op> show acl detail
Rule: rule4
  ACL type: l3v4
  Ordinal: 4
    Match:
      Direction: ingress
      Source IPv4 prefix: 198.51.100.35/24
    Action:
      Drop: True
    Result:
      Trap ID: User Defined
    Statistics:
      Units      Total       Accepted    Dropped
      Packets    4           0           4
      Bytes      424         0           424
  Ordinal: 8
    Match:
      Direction: ingress
      Source IPv4 prefix: 198.51.100.45/24
    Action:
      Drop: True
    Result:
      Trap ID: User Defined
    Statistics:
      Units      Total       Accepted    Dropped
      Packets    9           0           9
      Bytes      990         0           990
Rule: lldp.ifp-0/0/0.trap.rule
  ACL type: l2
  Ordinal: -
    Match:
      Attachment point: ifp-0/0/0
      Direction: ingress
      Destination MAC: 01:80:c2:00:00:0e
    Action:
      Redirect to CPU: True
    Result:
      Trap ID: LLDP
    Statistics:
      Units      Total       Accepted    Dropped
      Packets    105         105         0
      Bytes      12915       12915       0
Rule: lldp.ifp-0/1/0.trap.rule
  ACL type: l2
  Ordinal: -
    Match:
      Attachment point: ifp-0/1/0
      Direction: ingress
      Destination MAC: 01:80:c2:00:00:0e
    Action:
      Redirect to CPU: True
    Result:
      Trap ID: LLDP
    Statistics:
      Units      Total       Accepted    Dropped
      Packets    220         220         0
      Bytes      19140       19140       0

Example 3: Show detailed information for a specified ACL Rule

supervisor@rtbrick.net: op> show acl rule trap_icmp
Rule: trap_icmp
  ACL type: ext_l3v4
  Ordinal: 100           Priority: 500
    Match:
      Direction: external
    Action:
    Result:
      Trap ID: user-defined
      ACL Handle: 1
      External:
        Value: 29
          Is Trap ID: Yes
          Trap ID: 14
          Trap Strength: 0
          Is QoS: No
          Class: 0
          Policer ID: 0

Example 4: Show detailed information for a specified ACL Rule with ACL direction as external and ACL type as ext_multifield_ipv4.

supervisor@rtbrick.net: op> show acl rule global_mfc ordinal 104
Rule: global_mfc
  ACL type: ext_multifield_ipv4
  Ordinal: 104           Priority: 500
    Match:
      Direction: external
      Source IPv4 prefix: 131.0.0.2/32
      IP TOS: 32
    Action:
    Result:
      ACL Handle: 4
       External:
         Value: 3
           Class: 3
           Is Remark: No
           ECN: 0
           Remark Codepoint: 0

ACL Statistics Commands

ACL statistics are currently not supported for PIM, IGMP, and L2TP protocol traffic.

Syntax:

show acl <option> statistics

Option Description

statistics

Displays ACL statistics information

<acl-name> statistics

Displays ACL statistics information for the specified ACL.

type <acl_type> statistics

Displays ACL statistics information for the specified ACL type.

rule <rule_name> statistics

Displays ACL statistics information for the specified rule name.

ordinal <ordinal> statistics

Displays ACL statistics information for the specified ordinal.

type <acl_type> rule <rule_name> statistics

Displays ACL statistics information for the specified ACL type and rule name.

type <acl_type> ordinal <ordinal> statistics

Displays ACL statistics information for the specified ACL type and ordinal.

rule <rule_name> type <acl_type> statistics

Displays ACL statistics information for the specified ACL type and rule name.

rule <rule_name> ordinal <ordinal> statistics

Displays ACL statistics information for the specified rule name and ordinal.

ordinal <ordinal> type <acl_type> statistics

Displays ACL statistics information for the specified ACL type and ordinal.

ordinal <ordinal> rule <rule_name> statistics

Displays ACL statistics information for the specified rule name and ordinal.

<acl_type> rule <rule_name> ordinal <ordinal> statistics

Displays ACL statistics information for the specified ordinal, ACL type and rule name.

type <acl_type> ordinal <ordinal> rule <rule_name> statistics

Displays ACL statistics information for the specified ordinal, ACL type and rule name.

rule <rule_name> ordinal <ordinal> type <acl_type> statistics

Displays ACL statistics information for the specified ordinal, ACL type and rule name.

rule <rule_name> type <acl_type> ordinal <ordinal> statistics

Displays ACL statistics information for the specified ordinal, ACL type and rule name.

ordinal <ordinal> rule <rule_name> type <acl_type> statistics

Displays ACL statistics information for the specified ordinal, ACL type and rule name.

ordinal <ordinal> type <acl_type> rule <rule_name> statistics

Displays ACL statistics information for the specified ordinal, ACL type and rule name.

Example 1: Display ACL statistics information

supervisor@rtbrick>LEAF01: op> show acl statistics
ACL                             Units      Total       Accepted    Dropped
rule4                           Packets    4           0           4
                                Bytes      424         0           424
rule4                           Packets    9           0           9
                                Bytes      990         0           990
lldp.ifp-0/0/0.trap.rule        Packets    107         107         0
                                Bytes      13161       13161       0
lldp.ifp-0/1/0.trap.rule        Packets    221         221         0
                                Bytes      19227       19227       0
lldp.ifp-0/1/1.trap.rule        Packets    221         221         0
                                Bytes      19227       19227       0
lldp.ifp-0/1/4.trap.rule        Packets    214         214         0
                                Bytes      31672       31672       0
lldp.ifp-0/1/5.trap.rule        Packets    214         214         0
                                Bytes      31672       31672       0
lldp.ifp-0/1/6.trap.rule        Packets    214         214         0
                                Bytes      31672       31672       0
lldp.ifp-0/1/12.trap.rule       Packets    107         107         0
                                Bytes      13375       13375       0
lldp.ifp-0/1/13.trap.rule       Packets    107         107         0
                                Bytes      13375       13375       0
lldp.ifp-0/1/22.trap.rule       Packets    107         107         0
                                Bytes      13375       13375       0
lldp.ifp-0/1/23.trap.rule       Packets    107         107         0
                                Bytes      13375       13375       0

Example 2: Display ACL statistics information for the specified ACL

supervisor@rtbrick>LEAF01: op> show acl rule4 statistics
ACL         Units      Total       Accepted    Dropped
rule4       Packets    4           0           4
            Bytes      424         0           424
rule4       Packets    9           0           9
            Bytes      990         0           990

Show Trap Commands

A trap refers to a mechanism where specific packets or traffic conditions are intercepted (or “trapped”) by the system—typically from the data plane to the control plane—for further processing. It provides visibility into how traffic is handled by the system. It includes both forwarded and dropped packet statistics, helping operators analyze traffic behavior to identify anomalies.

Syntax:

show trap <option>

Option Description

trap_name

Specifies the name of the trap. Displays detailed information about a specific trap, including its configuration, state, and associated parameters.

statistics

Displays statistical information for all traps, such as the number of traps generated, sent, or failed.

Example for trap statistics of RPF.

supervisor@rtbrick.net: cfg> show trap statistics rpf
Trap Statistics Type: rpf
    Statistics ID: 1
    Counters:
        Forward-Packets: 0
        Forward-Bytes: 0
        Drop-Packets: 1550
        Drop-Bytes: 2194800

Example for trap statistics of NAT.

supervisor@rtbrick.net: cfg> show trap statistics nat
Trap Statistics Type: nat
    Statistics ID: 524
    Counters:
        Forward-Packets: 20943738
        Forward-Bytes: 29405223462
        Drop-Packets: 38998908
        Drop-Bytes: 54754548576

ACL Clear Commands

Clear commands allow resetting operational states.

Clear ACL Statistics

Syntax:

clear acl <options>

Option Description

statistics

Clears all the ACL statistics.

type <acl_type> statistics

Clears all ACL statistics for the specified ACL type

rule <rule_name> statistics

Clears all ACL statistics for the specified rule

ordinal <ordinal> statistics

Clears all ACL statistics for the specified ordinal

type <acl_type> rule <rule_name> statistics

Clears all ACL statistics for the specified ACL type and rule

type <acl_type> ordinal <ordinal> statistics

Clears all ACL statistics for the specified ACL type and ordinal

rule <rule_name> type <acl_type> statistics

Clears all ACL statistics for the specified ACL type and rule

rule <rule_name> ordinal <ordinal> statistics

Clears all ACL statistics for the specified rule and ordinal

ordinal <ordinal> type <acl_type> statistics

Clears all ACL statistics for the specified ACL Type and Ordinal

ordinal <ordinal> rule <rule_name> statistics

Clears all ACL statistics for the specified Rule name and Ordinal

type <acl_type> rule <rule_name> ordinal <ordinal> statistics

Clears all ACL statistics for the specified Ordinal, ACL Type and Rule name

type <acl_type> ordinal <ordinal> rule <rule_name> statistics

Clears all ACL statistics for the specified Ordinal, ACL Type and Rule name

rule <rule_name> ordinal <ordinal> type <acl_type> statistics

Clears all ACL statistics for the specified Ordinal, ACL Type and Rule name

rule <rule_name> type <acl_type> ordinal <ordinal> statistics

Clears all ACL statistics for the specified Ordinal, ACL Type and Rule name

ordinal <ordinal> rule <rule_name> type <acl_type> statistics

Clears all ACL statistics for the specified Ordinal, ACL Type and Rule name

ordinal <ordinal> type <acl_type> rule <rule_name> statistics

Clears all ACL statistics for the specified Ordinal, ACL Type and Rule name

Example: Clearing ACL Statistics of a specified ACL Rule

supervisor@rtbrick>LEAF01: op> clear acl rule lldp.ifp-0/0/44.trap.rule statistics
Success : command success
supervisor@rtbrick>LEAF01: op>

Clear Trap Statistics

This command clears the accumulated statistics for all traps.

Syntax:

clear trap statistics

Example:

clear trap statistics rpf
supervisor@rtbrick.net: cfg> clear trap statistics rpf
Success : command success