Table of Contents
Advertisement
To insert a new ACE between existing ACEs in a list:
Use ip access-list to enter the "Named-ACL" (nacl) context of the ACE.
1.
This applies regardless of whether the ACE was originally created as a
numbered ACL or a named ACL.
2.
Begin the ACE command with a sequence number that identifies the
position you want the ACE to occupy. (The sequence number range is 1-
2147483647.)
3.
Complete the ACE with the command syntax appropriate for the type of
ACL you are editing.
For example, inserting a new ACE between the ACEs numbered 10 and 20 in
figure 10-25 requires a sequence number in the range of 11-19 for the new ACE.
HP Switch(config)# ip access-list standard My-List
HP Switch(config-std-nacl)# 15 deny 10.10.10.1/24
HP Switch(config-std-nacl)# show run
.
.
.
ip access-list standard "My-List"
10 permit 10.10.10.25 0.0.0.0
15 deny 10.10.10.1 0.0.0.255
20 permit 10.20.10.117 0.0.0.0
30 deny 10.20.10.1 0.0.0.255
40 permit 0.0.0.0 255.255.255.255
exit
Figure 10-26. Example of Inserting an ACE in an Existing ACL
In the following example, the first two ACEs entered become lines 10 and 20
in the list. The third ACE entered is configured with a sequence number of 15
and is inserted between lines 10 and 20.
IPv4 Access Control Lists (ACLs)
Editing an Existing ACL
Enters the "Named-ACL
context for "My-List".
Inserts the new ACE.
10-89
Hide quick links:
Advertisement
Table of Contents
