External network route advertisement validation
US-11115309-B1 · Sep 7, 2021 · US
US11647024B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11647024-B2 |
| Application number | US-202117348602-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jun 15, 2021 |
| Priority date | Jun 15, 2021 |
| Publication date | May 9, 2023 |
| Grant date | May 9, 2023 |
Official abstract text for this publication.
Systems and methods for allocating a per-interface access control list (ACL) counter are disclosed. An ACL is applied to a data packet received at an interface of the network element. In response to matching the highest priority ACL rule, a counter value is obtained based on a combination of a base index and an expansion index value. The base index, expansion index, and counter values are stored in their respective tables. The counter value is uniquely associated with the specific ACL rule hit and the interface used to receive the data packet. Systems and methods also allocate a next set of expansion and counter tables when their storage capacity is exceeded. When the next set of tables are allocated, the older set of tables along with their index mappings and entries are preserved.
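A small software model of the lookup the abstract describes, added here as an illustration and not taken from the patent or any vendor implementation. It assumes the "combination" of base index and expansion index is a sum; the table capacity `EXP_CAP`, the rule fields and the interface names are constructed for the example.

```python
from dataclasses import dataclass, field

EXP_CAP = 2  # assumed capacity: interfaces per expansion table

@dataclass
class Rule:
    priority: int        # higher value wins when several rules match
    dst_port: object     # constructed match field; None matches any port
    base_index: int      # first counter slot reserved for this rule

@dataclass
class TableSet:
    counters: list                                  # counter table
    expansion: dict = field(default_factory=dict)   # interface ID -> expansion index

class AclCounters:
    def __init__(self, rules):
        self.rules = sorted(rules, key=lambda r: -r.priority)
        self.sets = []   # table sets, oldest first

    def _locate(self, iface):
        """Return the number of the table set that maps iface, allocating if needed."""
        for n, ts in enumerate(self.sets):
            if iface in ts.expansion:
                return n
        if not self.sets or len(self.sets[-1].expansion) >= EXP_CAP:
            # Current set is full: allocate a new expansion/counter pair and
            # leave every older set, its mappings and its counts untouched.
            self.sets.append(TableSet([0] * (len(self.rules) * EXP_CAP)))
        newest = self.sets[-1]
        newest.expansion[iface] = len(newest.expansion)
        return len(self.sets) - 1

    def packet(self, iface, dst_port):
        """Count one packet; return (set number, counter index) or None on no match."""
        hit = next((r for r in self.rules if r.dst_port in (None, dst_port)), None)
        if hit is None:
            return None
        n = self._locate(iface)
        idx = hit.base_index + self.sets[n].expansion[iface]  # assumed combination: sum
        self.sets[n].counters[idx] += 1
        return n, idx

def demo():
    ssh, any_port = Rule(20, 22, 0), Rule(10, None, EXP_CAP)
    acl = AclCounters([any_port, ssh])
    # Constructed traffic: (receiving interface, destination port)
    hits = [acl.packet(i, p) for i, p in
            [("eth1", 22), ("eth2", 22), ("eth1", 22), ("eth3", 22), ("eth3", 443)]]
    return acl, hits
```

In `demo()`, the third interface overflows the first expansion table, so a second table set is allocated while the counts for `eth1` and `eth2` stay in the first.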
Opening claim text (preview).
The invention claimed is:

1. A method of implementing an access control list (ACL) counter in a network element, the method comprising: receiving a data packet at an interface of the network element, wherein metadata is associated with the data packet; determining whether a search key associated with the data packet matches at least one rule from a plurality of rules stored in an associate memory of the network element; and in response to determining a match between the search key and the at least one rule from the plurality of rules stored in the associative memory: selecting a matched rule based on a priority; obtaining a base index, wherein the base index is associated with the matched rule; selecting an expansion index based on the metadata of the received data packet, wherein the expansion index is associated with the interface of the network element that received the data packet; using a combination of the base index and the expansion index to select a counter in a counter table; and updating the counter in the counter table.

2. The method of claim 1, further comprising: adding statistics metadata to the data packet, wherein the statistics metadata includes interface ID of the interface of the network element that received the data packet; and using the interface ID to select the expansion index.

3. The method of claim 1, wherein the base index is indexed into a second counter, wherein the second counter is incremented when the data packet matches a rule from the plurality of rules stored in the associative memory.

4. The method of claim 1, wherein each counter table is associated with an expansion table.

5. The method of claim 1, wherein the counter table has predetermined storage space available for storing counter values.

6. The method of claim 5, wherein a second counter table is automatically allocated when the counter table reaches its predetermined storage space.

7. The method of claim 6, wherein a second expansion table is automatically allocated in response to an allocation of the second counter table.

8. The method of claim 1, wherein the expansion index is indexed into an expansion table which has a predetermined amount of storage space for storing expansion values, and the counter table has a predetermined amount of storage space for storing counter values, and if the storage space required to store the expansion values exceeds the predetermined amount of storage space in the expansion table or if the storage space required to store the counter values exceeds the predetermined amount of storage space in the counter table, then a new expansion table and a new counter table are automatically allocated.

9. The method of claim 8, further comprising, upon allocating the new expansion table and the new counter table, retaining the values stored in existing expansion and counter tables.

10. A method of automatically allocating one or more set of tables in a network element, the method comprising: receiving a plurality of data packets, wherein each data packet from the plurality of data packets is received at a different interface of the network element; determining whether each data packet matches at least one highest priority rule from an access control list (ACL), wherein the ACL comprises a plurality of rules that are stored in an associative memory of the network element; and in response to determining a plurality of matches between a subset of the plurality of data packets received and the ACL: calculating the total number of matched data packets; for each matched data packet, obtaining a base value by using a base index and an expansion value by using an expansion index, wherein the expansion index is indexed to an expansion table that stores a predetermined number of expansion values; using a combination of the base value and the expansion value to select a counter in a counter table, wherein the counter table stores a predetermined number of counter values; in response to determining that either the expansion table does not have storage capacity to store expansion values for the total number of matched data packets or the counter table does not have storage capacity to store counter values for number of matched data packets: automatically allocating a second counter table and a second expansion table; and utilizing the second counter table and the second expansion table for storing the expansion values and the counter values that exceed the storage capacity of the counter table and the expansion table.

11. The method of claim 10, wherein the base index is associated with the highest priority matched rule.

12. The method of claim 10, further comprising, upon allocating the second expansion table and the second counter table, retaining index mappings and count values previously stored in the expansion table and counter table.

13. The method of claim 10, further comprising: adding statistics metadata to the data packet, wherein the statistics metadata includes interface ID of the interface of the network element that received the data packet; and using the interface ID to select the expansion table.

14. A network device comprising: an interface configured to receive a data packet; and control circuitry configured to: receive a data packet at an interface of the network element, wherein metadata is associated with the data packet; determine whether a search key associated with the data packet matches at least one rule from a plurality of rules stored in an associate memory of the network element; and in response to determining a match between the search key and the at least one rule from the plurality of rules stored in the associative memory: select a matched rule based on a priority; obtain a base index, wherein the base index is associated with the matched rule; select an expansion index based on the metadata of the received data packet, wherein the expansion index is associated with the interface of the network element that received the data packet; use a combination of the base index and the expansion index to select a counter in a counter table; and update the counter in the counter table.

15. The network device of claim 14, further comprising: adding statistics metadata to the data packet, wherein the statistics metadata includes interface ID of the interface of the network element that received the data packet; and using the interface ID to select the expansion index.

16. The network device of claim 14, wherein the control circuitry is configured to index the base index into a second counter, wherein the second counter is incremented when the data packet matches a rule from the plurality of rules stored in the associative memory.

17. The network device of claim 14, wherein the counter table has predetermined storage space available for storing counter values.

18. The network device of claim 17, wherein the control circuitry is configured to automatically allocate a second counter table when the counter table reaches its predetermined storage space.

19. The network device of claim 18, wherein the control circuitry is configured to automatically allocate a second expansion table in response to allocating the second counter table.

20. The network device of claim 14, wherein the expansion index is indexed into an expansion table which has a predetermined amount of storage space for storing expansion values and the counter table has a predetermined amount of storage space for storing counter values; and if the storage space require
Filtering by information in the payload · CPC title
Access control lists [ACL] · CPC title
Rule management · CPC title
related to network traffic · CPC title
Centralised allocation of resources · CPC title