Hide Navigation Pane
Show Navigation Pane
Feedback
Download
SHA1
Monitoring Secure CLACL Configurations
Purpose
Display information about only secure CLACL configurations. This command and the output are visible only to authorized users—the mirror-enable command must be enabled before using this command. Use the brief or detail keywords with the show secure classifier-list command to display different levels of information.
Action
To display a list of secure CLACLs
host1#show secure classifier-list
Classifier Control List Table
---------- ------- ---- -----
Secure IP secClassA.1 ip any any
Secure IP secClassB.1 ip any not 10.10.10.1 255.255.255.255
Secure IP secClass25.1 user-packet-class 8 source-route-class 100 ip
192.168.44.103 255.255.255.255 any Displays details of each secure CLACL
host1#show secure classifier-list secClass25 detailed
Classifier Control List Table
---------- ------- ---- -----
Secure IP Classifier Control List secClass25
Reference count: 0
Entry count: 1 Classifier-List secClass25 Entry 1
User Packet Class: 8
Source Route Class: 100
Protocol: ip
Not Protocol: false
Source IP Address: 192.168.44.103
Source IP WildcardMask: 255.255.255.255
Not Source Ip Address: false
Destination IP Address: 0.0.0.0
Destination IP WildcardMask:255.255.255.255
Not Destination Ip Address: false Meaning
Table 67 lists show secure classifier-list command output fields.
Table 67: show secure classifier-list Output Fields
Field Name | Field Description |
|---|---|
Reference count | Number of times the CLACL is referenced by policies |
Entry count | Number of entries in the classifier list |
Classifier-List | Name of the classifier list |
Entry | Entry number of the classifier list rule |
Color | Packet color to match: green, yellow, or red |
Protocol | Protocol type |
Not Protocol | If true, matches any protocol except the preceding protocol; if false, matches the preceding protocol |
Source IP Address | Address of the network or host from which the packet is sent |
Source IP WildcardMask | Mask that indicates addresses to be matched when specific bits are set |
Not Source Ip Address | If true, matches any source IP address and mask except the preceding source IP address and mask; if false, matches the preceding source IP address and mask |
Destination IP Address | Number of the network or host from which the packet is sent |
Destination IP WildcardMask | Mask that indicates addresses to be matched when specific bits are set |
Not Destination Ip Address | If true, matches any destination IP address and mask except the preceding destination IP address and mask; if false, matches the preceding destination IP address and mask |
Traffic Class | Name of the traffic class to match |
User Packet Class | User packet value to match |
DS Field | DS field value to match |
TOS Byte | ToS value to match |
Precedence | Precedence value to match |
User Priority bits | User priority bits value to match |
Traffic Class Field | Traffic class field value to match |
EXP Bits | MPLS EXP bit value to match |
EXP Mask | Mask applied to EXP bits before matching |
DE Bit | Frame Relay DE bit value to match5.2.0b1 ID-1381 |
Destination Route Class | Route class used to classify packets based on the packet’s destination address |
Source Route Class | Route class used to classify packets based on the packet’s source address |
Local | If true, matches packets destined to a local interface; if false, matches packets that are traversing the router |
