IPv4 Access Control Lists (ACLs)
Editing an Existing ACL
Figure 10-27. Example of Inserting an ACE into an Existing Sequence
Deleting an ACE from an Existing ACL
This action uses ACL sequence numbers to delete ACEs from an ACL.
1. To find the sequence number of the ACE you want to delete, use show run
or show access-list < name-str | 1 - 99 | 100-199 > to view the ACL.
2. Use ip access-list to enter the “Named-ACL” (nacl) context of the ACL
that contains the ACE. This applies regardless of whether the ACL was
originally created as a numbered ACL or a named ACL.
3. In the “Named-ACL” context, type no and enter the sequence number of
the ACE you want to delete.
Syntax: ip access-list < standard | extended > < name-str | 1 - 99 | 100 - 199 >
no < seq-# >
The first command enters the “Named-ACL” context for the
specified ACL. The no command deletes the ACE corresponding
to the sequence number entered. (Range: 1 - 2147483647)
HP Switch(config)# ip access-list standard List-01
HP Switch(config-std-nacl)# permit 10.10.10.1/24
HP Switch(config-std-nacl)# deny 10.10.1.1/16
HP Switch(config-std-nacl)# 15 permit 10.10.20.1/24
HP Switch(config-std-nacl)# show run
Running configuration:
. . .
ip access-list standard "List-01"
10 permit 10.10.10.1 0.0.0.255
15 permit 10.10.20.1 0.0.0.255
20 deny 10.10.1.1 0.0.255.255
exit
Callouts: "permit 10.10.10.1/24" becomes line 10; "deny 10.10.1.1/16"
becomes line 20.
Lines 10 and 20 were automatically numbered according to their order of
entry in the list. Line 15 was explicitly numbered by the 15 permit
command and was inserted in its proper place in the list.
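
Added example (not from the HP manual): a Python model of List-01 from Figure 10-27, used to check which source addresses change result before an ACE is deleted with "no <seq-#>". It assumes ACEs are evaluated in sequence order with the first match applied, an implicit deny at the end of the list, and an auto-numbering step of 10 as shown in the figure; the class and function names are hypothetical.

```python
import ipaddress

class StandardAcl:
    """Model of a standard ACL: ACEs keyed by sequence number, first match wins."""
    STEP = 10  # assumed auto-numbering increment, as seen in the figure (10, 20)

    def __init__(self, name):
        self.name = name
        self.aces = {}  # seq -> (action, source network)

    def add(self, action, source, seq=None):
        # Without an explicit number the ACE is appended after the highest one.
        if seq is None:
            seq = max(self.aces, default=0) + self.STEP
        if seq in self.aces:
            raise ValueError(f"sequence {seq} already in use")
        # strict=False: the page writes host-style addresses such as 10.10.10.1/24
        self.aces[seq] = (action, ipaddress.ip_network(source, strict=False))
        return seq

    def delete(self, seq):
        # Equivalent of "no <seq-#>" in the Named-ACL context.
        if seq not in self.aces:
            raise KeyError(f"no ACE with sequence {seq} in {self.name}")
        return self.aces.pop(seq)

    def match(self, src):
        # (seq, action) of the first matching ACE; (None, "deny") is the implicit deny.
        addr = ipaddress.ip_address(src)
        for seq in sorted(self.aces):
            action, net = self.aces[seq]
            if addr in net:
                return seq, action
        return None, "deny"

def deletion_impact(acl, seq, probes):
    """Return the probe addresses whose result changes if ACE `seq` is deleted."""
    before = {p: acl.match(p) for p in probes}
    trial = StandardAcl(acl.name)
    trial.aces = {s: a for s, a in acl.aces.items() if s != seq}
    return {p: (before[p], trial.match(p)) for p in probes if before[p] != trial.match(p)}

def build_list_01():
    # Same entry order as the figure: two auto-numbered ACEs, then an explicit 15.
    acl = StandardAcl("List-01")
    acl.add("permit", "10.10.10.1/24")
    acl.add("deny", "10.10.1.1/16")
    acl.add("permit", "10.10.20.1/24", seq=15)
    return acl
```

With the constructed probe 10.10.20.7, deleting line 15 changes the result from a permit at line 15 to a deny at line 20, because the broader 10.10.0.0/16 deny now matches first.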