Manualshelf

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide, NX-OS 4.0(1a)N1 (OL-16597-01, January 2009)

ManualsBrandsHP ManualsStorageCisco MDS 9513 with Supervisor 2 Director Switch
291292293294295296297298299300
Send feedback to nx5000-docfeedback@cisco.com
20-6
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 20 Configuring ACLs
Configuring IP ACLs
To change an IP ACL, perform this task:
Removing an IP ACL
You can remove an IP ACL from the switch.
Before you remove an IP ACL from the switch, be sure that you know whether the ACL is applied to an
interface. The switch allows you to remove ACLs that are currently applied. Removing an ACL does not
affect the configuration of interfaces where you have applied the ACL. Instead, the switch considers the
removed ACL to be empty.
Command Purpose
Step 1
switch# configure terminal
Enters configuration mode.
Step 2
switch(config)# ip access-list name
Enters IP ACL configuration mode for the ACL that
you specify by name.
Step 3
switch(config-acl)# [sequence-number]
{permit|deny} protocol source destination
(Optional) Creates a rule in the IP ACL. Using a
sequence number allows you to specify a position
for the rule in the ACL. Without a sequence number,
the rule is added to the end of the rules. The
sequence-number argument can be a whole number
between 1 and 4294967295.
The permit and deny commands support many
ways of identifying traffic. For more information,
see the Cisco Nexus 5000 Series Command
Reference.
Step 4
switch(config-acl)# no {sequence-number |
{permit|deny} protocol source destination}
(Optional) Removes the rule that you specified
from the IP ACL.
The permit and deny commands support many
ways of identifying traffic. For more information,
see the Cisco Nexus 5000 Series Command
Reference.
Step 5
switch(config-acl)# [no] statistics
(Optional) Specifies that the switch maintains
global statistics for packets matching the rules in
the ACL.
The no option stops the switch from maintaining
global statistics for the ACL.
Step 6
switch(config-acl)# show ip access-lists
name
(Optional) Displays the IP ACL configuration.
Step 7
switch(config-acl)# copy running-config
startup-config
(Optional) Copies the running configuration to the
startup configuration.