Access Security Guide K/KA/KB.15.15

Figure 182 Screen output listing the sample-list ACL content
Deleting an ACE
1. Enter the ACL context.
To view the sequence numbers of the ACEs in a list, use:
Syntax:
show access-list <acl-name-str> config
2. Delete the sequence number for the unwanted ACE.
Creating or adding to a standard, numbered ACL
Use the following steps when creating or adding to a numbered, standard ACL:
1. Create a numbered, standard ACL by entering the first ACE in the list.
2. Append a new ACE to the end of an existing, standard ACL.
The following describes the commands for performing these steps.
This command is an alternative to using ip access-list standard <name-str> and
does not use the "Named ACL" (nacl) context.
Syntax:
access-list <1-99> <deny | permit>
<any | host <SA> | SA <mask | SA/mask-length>> [log]
Appends an ACE to the end of the list of ACEs in the current IPv4 standard,
numbered ACL. If the ACL does not already exist, creates both the ACL and its first
ACE. In the default configuration, ACEs are automatically assigned consecutive
sequence numbers in increments of 10 and can be renumbered using resequence.
See “Resequencing the ACEs in an ACL” (page 290).
NOTE: To insert a new ACE between two existing ACEs in a standard, numbered
ACL:
1. Use ip access-list standard <1-99> to open the ACL as a named
ACL.
2. Enter the desired sequence number along with the ACE keywords and variables
you want.
(After a numbered ACL has been created, it can be managed as either a named
or numbered ACL.)
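The following Python model is an added example, not code from the guide or the switch software. It shows why the insert-by-sequence-number procedure in the NOTE matters: an ACE appended after a broader permit is never reached. The class and method names are hypothetical, the addresses are constructed, and first-match evaluation with an implicit final deny is assumed as the usual ACL behavior.

```python
import ipaddress


class StandardAcl:
    """Toy model of a standard (source-address) ACL with sequence-numbered ACEs."""

    def __init__(self, step=10):
        self.step = step   # default increment described in the guide
        self.aces = {}     # sequence number -> (action, source network)

    def append(self, action, source):
        """Add an ACE at the end of the list, numbered last + step."""
        return self.insert(max(self.aces, default=0) + self.step, action, source)

    def insert(self, seq, action, source):
        """Add an ACE at an explicit sequence number (named-ACL context)."""
        if seq in self.aces:
            raise ValueError(f"sequence number {seq} is already in use")
        if action not in ("permit", "deny"):
            raise ValueError(f"unknown action {action!r}")
        cidr = "0.0.0.0/0" if source == "any" else source
        self.aces[seq] = (action, ipaddress.ip_network(cidr, strict=False))
        return seq

    def delete(self, seq):
        """Remove one ACE by its sequence number."""
        del self.aces[seq]

    def evaluate(self, src):
        """Assumed semantics: first match in sequence order wins, else deny."""
        addr = ipaddress.ip_address(src)
        for seq in sorted(self.aces):
            action, net = self.aces[seq]
            if addr in net:
                return action, seq
        return "deny", None


def demo():
    acl = StandardAcl()
    acl.append("permit", "10.10.20.0/24")   # seq 10 (constructed addresses)
    acl.append("deny", "10.10.20.44")       # seq 20, shadowed by seq 10
    shadowed = acl.evaluate("10.10.20.44")
    acl.delete(20)                           # remove the unreachable ACE
    acl.insert(5, "deny", "10.10.20.44")    # re-enter it ahead of seq 10
    return shadowed, acl.evaluate("10.10.20.44"), sorted(acl.aces)


if __name__ == "__main__":
    print(demo())
```

The first result shows the host still permitted by sequence 10 while the deny sits at sequence 20; after the ACE is re-entered at sequence 5, the deny is matched first.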
<1-99>
Specifies the ACL identifier as a number. The switch interprets an ACL with a value
in this range as a standard ACL (which filters all IPv4 traffic on the basis of SA). To