Deleting a standard numbered ACL entry, Standard ACL syntax – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Multi-Service IronWare Security Configuration Guide

53-1003035-02

Configuring numbered and named ACLs

Deleting a standard numbered ACL entry

You can delete an ACL filter rule either with or without providing its sequence number. To delete
a rule without providing a sequence number, you must specify the filter rule attributes. To delete
a rule by sequence number, you can provide the sequence number alone or the sequence number
together with the other filter rule attributes.

To delete a filter rule with the sequence number “20” from access list “100” by specifying the
sequence number alone, enter the following command.

Brocade(config)# no access-list 100 sequence 20

You can also delete this entry by specifying both the entry sequence number and filter rule
attributes. For example:

Brocade(config)# no access-list 100 sequence 20 permit any any

Alternatively, you can delete this rule by providing the filter rule attributes only. For example:

Brocade(config)# no access-list 100 permit any any

NOTE

If you try to delete an ACL filter rule using the sequence number, but the sequence number that you
specify does not exist, the following error message will be displayed.

"Error: Entry with sequence 20 does not exist!"

Standard ACL syntax

This section presents the syntax for creating and re-sequencing a standard IPv4 ACL and for
binding the ACL to an interface. Use the access-list regenerate-seq-num command to re-sequence
the ACL table. Use the ip access-group command at the interface level to bind the ACL to an
interface.

Syntax: [no] access-list num [sequence num] deny | permit [ vlan vlan-id ] {host {source-ip | hostname} | hostname wildcard | source-ip/mask-bits | any}

Syntax: access-list num regenerate-seq-num [num]

Syntax: [no] ip access-group num in

Parameters to configure standard ACL statements

num

Enter 1 – 99 for a standard ACL.

sequence num

The sequence parameter specifies where the conditional statement is to be
added in the access list. You can add a conditional statement at a particular place
in an access list by specifying the entry number using the sequence keyword. The
range is from 1 through 214748364. If the sequence num option is not specified,
a default sequence number is applied to the clause. The default value is 10 plus the
sequence number of the last ACL filter rule provisioned in the ACL table. The
default value for the first clause in an IPv4 ACL table is “10”.

deny | permit

Enter deny if the packets that match the policy are to be dropped; permit if they are to be forwarded.

vlan vlan-id

Specifies the vlan-id for the ACL filter rule.
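
The default numbering described under sequence num and the three deletion forms in "Deleting a standard numbered ACL entry" can be modeled offline to check which entry a planned "no access-list" command would remove before it is entered on the device. The following Python model is an added example, not Brocade code; the AclTable class, its methods and the sample rules are hypothetical, and the behaviors the guide does not specify are marked as assumptions in the comments.

```python
# Added example: model of the sequence-number and deletion rules on this page.
# Not Brocade code; AclTable and its method names are hypothetical.

class AclTable:
    def __init__(self):
        self.rules = {}  # sequence number -> filter rule attributes (text)

    def add(self, attrs, seq=None):
        """Add a rule; without seq, the first rule gets 10, later ones last + 10."""
        if seq is None:
            # Assumption: "last rule" means the highest sequence number present.
            seq = max(self.rules) + 10 if self.rules else 10
        self.rules[seq] = attrs
        return seq

    def delete(self, seq=None, attrs=None):
        """Model 'no access-list <num> [sequence <seq>] [<attrs>]'; return the removed seq."""
        if seq is None and attrs is None:
            raise ValueError("give a sequence number, filter rule attributes, or both")
        if seq is not None:
            if seq not in self.rules:
                # Error text as quoted in the guide's NOTE.
                raise LookupError(f"Error: Entry with sequence {seq} does not exist!")
            if attrs is not None and self.rules[seq] != attrs:
                # Assumption: the guide does not cover a mismatch; the model refuses.
                raise LookupError(f"sequence {seq} holds '{self.rules[seq]}', not '{attrs}'")
            del self.rules[seq]
            return seq
        # Attributes only. Assumption: the first match in sequence order is removed.
        for s in sorted(self.rules):
            if self.rules[s] == attrs:
                del self.rules[s]
                return s
        raise LookupError(f"no rule matching '{attrs}'")


def demo():
    acl = AclTable()
    seqs = [acl.add("deny host 10.1.1.1"), acl.add("permit any")]  # constructed rules
    seqs.append(acl.add("deny host 10.1.1.2", seq=15))  # explicit placement between 10 and 20
    seqs.append(acl.add("permit host 10.1.1.3"))        # default: 20 + 10
    removed = acl.delete(seq=20)
    try:
        acl.delete(seq=20)  # same entry again: no longer present
        error = None
    except LookupError as exc:
        error = str(exc)
    return seqs, removed, error, sorted(acl.rules)
```

Deleting by attributes alone depends on the rule text matching exactly, so a pre-change check like this is most useful when the rule strings are copied from the running configuration.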