Userlevel 1
Is there any possibility to check the dropped packets based on the access rule we have written?

The actual scenario is, we are facing an issue in our network because of a huge volume of mDNS multicast packets. So, we are trying to block the mDNS multicast packets using the following policy file.

entry block_IPv4mDNS {
    if match all {
        destination-address ;
    }
    then {
        count ipv4mDNSdeny ;
    }
}

So, is there any way to check whether these packets are blocked? If possible, please share.


Userlevel 6
Show access-list counter would show how many packets are blocked.
Userlevel 6
You could do a mirror action in the ACL. Then you could plug a PC in to see the traffic.
Userlevel 6
or log them to the log using this article.