Access Security Guide K/KA/KB.15.15

Deleting an ACL
Syntax:
no ip access-list standard < name-str | 1-99 >
no ip access-list extended < name-str | 100-199 >
no access-list < 1-99 | 100-199 >
Removes the specified ACL from the switch running-config file.
NOTE: If an ACL name is assigned to an interface before the ACL itself has actually
been created, then the switch creates an "empty" version of the ACL in the running
configuration and assigns the empty ACL to the interface. Subsequently populating
the empty ACL with explicit ACEs causes the switch to automatically activate the
ACEs as they are created and to implement the implicit deny at the end of the ACL.
Deleting an ACL from the running configuration while the ACL is currently assigned
on an interface results in an "empty" version of the ACL in the running configuration
and on the interface. Subsequently removing the ACL from the interface also removes
the empty ACL from the running configuration.
If you need to remove an ACL identifier assignment on an interface, see “Adding
or removing an ACL assignment on an interface” (page 281).
Inserting an ACE in an existing ACL
This action uses a sequence number to specify where to insert a new ACE into the existing sequence
of ACEs in an ACL.
Syntax:
ip access-list < standard | extended > < name-str | 1-99 | 100-199 >
<1-2147483647> < permit | deny > < standard-acl-ip-criteria > [ log ]
<1-2147483647> < permit | deny > < extended-acl-ip-criteria > [ option ]
The first command enters the "Named-ACL" context for the specified ACL. The
remaining two commands insert a new ACE in a standard or extended ACL,
respectively.
Entering an ACE that would result in an out-of-range sequence number is not allowed.
Use the resequence command to free up ACE numbering availability in the ACL.
See “Resequencing the ACEs in an ACL” (page 290).
To insert a new ACE between existing ACEs in a list:
1. Use ip access-list to enter the "Named-ACL" (nacl) context of the ACL. This applies
regardless of whether the ACL was originally created as a numbered ACL or a named ACL.
2. Begin the ACE command with a sequence number that identifies the position you want the
ACE to occupy. (The sequence number range is 1-2147483647.)
3. Complete the ACE with the command syntax appropriate for the type of ACL you are editing.
For example, inserting a new ACE between the ACEs numbered 10 and 20 in figure -48 requires
a sequence number in the range of 11-19 for the new ACE.
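The insertion rule above, worked as a planning helper (an added example, not code from this guide or from the switch software): it returns the free sequence numbers between two adjacent ACEs and falls back to renumbering when none is left. The function names and the renumbering start and interval of 10 are assumptions of this example.

```python
# Added example: planning helper, not switch firmware logic or vendor code.
SEQ_MIN, SEQ_MAX = 1, 2147483647  # sequence number range stated in the guide


def insertion_range(existing, after=None, before=None):
    """Return (low, high) free sequence numbers between two adjacent ACEs.

    after/before are existing sequence numbers; None means list start/end.
    Returns None when no number is free, so the ACL must be resequenced first.
    """
    seqs = sorted(existing)
    if len(set(seqs)) != len(seqs):
        raise ValueError("duplicate sequence number")
    if any(not SEQ_MIN <= s <= SEQ_MAX for s in seqs):
        raise ValueError("sequence number outside 1-2147483647")
    bounded = [None] + seqs + [None]
    if (after, before) not in zip(bounded, bounded[1:]):
        raise ValueError("after/before must be adjacent ACEs in this ACL")
    low = SEQ_MIN if after is None else after + 1
    high = SEQ_MAX if before is None else before - 1
    return (low, high) if low <= high else None


def resequence(existing, start=10, interval=10):
    """Model renumbering: map old -> new numbers, preserving ACE order.

    start and interval are assumptions of this model, not taken from the page.
    """
    mapping = {old: start + i * interval
               for i, old in enumerate(sorted(existing))}
    if mapping and max(mapping.values()) > SEQ_MAX:
        raise ValueError("resequenced numbers exceed 2147483647")
    return mapping


def plan_insert(existing, after=None, before=None):
    """Return (sequence number for the new ACE, renumbering map or None)."""
    mapping = None
    free = insertion_range(existing, after, before)
    if free is None:  # no gap left: renumber, then look again
        mapping = resequence(existing)
        free = insertion_range(mapping.values(),
                               mapping.get(after), mapping.get(before))
    low, high = free
    # Appending: stay near the last ACE. Otherwise take the middle of the gap.
    seq = min(low + 9, high) if before is None else (low + high) // 2
    return seq, mapping
```

A non-None map in the result means the ACL has to be resequenced before the new ACE can be entered at the returned number.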
288 IPv4 Access Control Lists (ACLs)