ACL Configuration Overview
Fixed Switch Configuration Guide 24-5
The following example displays IPv4 extended access control list 120, then deletes entries 2 and 3,
and redisplays the ACL.
C5(su)->router(Config)#show access-lists 120
Extended IP access list 120
1: deny ip 20.0.0.1 0.0.255.255 any
2: deny ip 30.0.0.1 0.0.255.255 any
3: deny ip 40.0.0.1 0.0.255.255 any
4: permit ip any any
C5(su)->router(Config)#no access-list 120 2 3
C5(su)->router(Config)#show access-lists 120
Extended IP access list 120
1: deny ip 20.0.0.1 0.0.255.255 any
2: permit ip any any
Moving ACL Rules
An ACL rule or range of rules can be moved to a different location in the ACL using the move
option.
The following example displays IPv4 extended access control list 121, then moves entries 3 and 4
to before entry 2.
C5(su)->router(Config)#show access-lists 121
Extended IP access list 121
1: deny ip 20.0.0.1 0.0.255.255 any
2: permit ip any any
3: deny ip 30.0.0.1 0.0.255.255 any
4: deny ip 40.0.0.1 0.0.255.255 any
C5(su)->router(Config)#access-list 121 move 2 3 4
C5(su)->router(Config)#show access-lists 121
Extended IP access list 121
1: deny ip 20.0.0.1 0.0.255.255 any
2: deny ip 30.0.0.1 0.0.255.255 any
3: deny ip 40.0.0.1 0.0.255.255 any
4: permit ip any any
Replacing ACL Rules
An ACL rule can be replaced using the replace option.
The following example replaces entry 1 in IPv4 extended ACL 121.
C5(su)->router(Config)#show access-lists 121
Extended IP access list 121
1: deny ip 20.0.0.1 0.0.255.255 any
2: deny ip 30.0.0.1 0.0.255.255 any
3: deny ip 40.0.0.1 0.0.255.255 any
4: permit ip any any
C5(su)->router(Config)#access-list 121 replace 1 deny ip 10.0.0.1 0.0.255.255 any
C5(su)->router(Config)#show access-lists 121
Extended IP access list 121
1: deny ip 10.0.0.1 0.0.255.255 any
To Next Page
Loading...
