Numbered acls: deleting a comment, Named acls: adding a comment to a new acl – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Multi-Service IronWare Security Configuration Guide

53-1003035-02

Modifying ACLs

Complete the syntax by specifying any options you want for the ACL entry. Options you can use to
configure standard or extended numbered ACLs are discussed in “Configuring standard or
extended named ACLs”.

Numbered ACLs: deleting a comment

For example, if the remark “Permit all users” has been defined for ACL 99, remove the remark by
entering the following command.

Brocade(config)# no access-list 99 remark Permit all users

Syntax: [no] access-list number remark comment-text

Named ACLs: adding a comment to a new ACL

You can add a comment to an ACL by performing the tasks listed below.

1. Use the show access-list command to display the contents of the ACL. For example, you may
have an ACL named “entry” and a show access-list command shows that it has only one entry.

2. Add a new entry with a remark to this named ACL by entering commands such as the following:

Brocade(config)# ip access-list standard entry

Brocade(config-std-nacl-entry)# remark Deny traffic from Marketing

Brocade(config-std-nacl-entry)# deny 10.6.7.8

3. Enter a show access-list command to display the new ACL entry with its remark.

Brocade(config)# show access-list name entry

Standard IP access-list entry

deny host 10.2.4.5

ACL remark: Deny traffic from Marketing

deny host 10.6.7.8

Syntax: [no] ip access-list standard | extended acl-name

Syntax: [no] remark string

Syntax: [no] deny options | permit options

The standard | extended parameter indicates the ACL type.

The acl-name parameter is the IPv4 ACL name. You can specify a string of up to 256 alphanumeric
characters. You can use blanks in the ACL name if you enclose the name in quotation marks (for
example, “ACL for Net1”). The acl-num parameter allows you to specify an ACL number if you prefer.
If you specify a number, enter a number from 1 – 99 for standard ACLs or 100 – 199 for extended
ACLs.

The remark string adds a comment to the ACL entry that you are about to create. The comment can
be up to 128 characters long. The comment must be entered separately from the actual ACL
entry; that is, you cannot enter the ACL entry and the ACL comment with the same command. Also,
in order for the remark to be displayed correctly in the output of show commands, the comment
must be entered immediately before the ACL entry it describes.
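
The rules above (name up to 256 characters and quoted if it contains blanks, remark up to 128 characters, remark entered immediately before the entry it describes) can be checked offline before a change is pushed to a device. The following Python audit is an added example, not part of the Brocade guide; the function name, the sample input, and the policy of flagging entries that have no remark are assumptions of this example.

```python
import re
import shlex

MAX_REMARK, MAX_NAME = 128, 256   # limits stated in the guide text above
PROMPT = re.compile(r"^\S+\(config[^)]*\)#\s*")   # strips e.g. "Brocade(config)# "

def audit_named_acls(config_text):
    """Return (line_no, acl_name, message) findings for named ACL blocks."""
    findings, acl, pending = [], None, None   # pending: line of a remark awaiting its entry
    for no, raw in enumerate(config_text.splitlines(), 1):
        line = PROMPT.sub("", raw.strip())
        if line.startswith("ip access-list "):
            if pending:
                findings.append((pending, acl, "remark not followed by an entry"))
            tokens, pending = shlex.split(line), None   # shlex honours quoted names
            acl = tokens[3] if len(tokens) > 3 else None
            if len(tokens) > 4:
                findings.append((no, acl, "name with blanks must be quoted"))
            elif acl and len(acl) > MAX_NAME:
                findings.append((no, acl, "name longer than 256 characters"))
        elif acl and line.startswith("remark "):
            if pending:
                findings.append((pending, acl, "remark not followed by an entry"))
            pending = no
            if len(line[len("remark "):]) > MAX_REMARK:
                findings.append((no, acl, "remark longer than 128 characters"))
        elif acl and line.split(" ", 1)[0] in ("deny", "permit"):
            if not pending:   # local audit policy, not a device requirement
                findings.append((no, acl, "entry has no remark"))
            pending = None
    if pending:
        findings.append((pending, acl, "remark not followed by an entry"))
    return findings

# Constructed sample input (not captured from a device).
SAMPLE = "\n".join([
    "ip access-list standard entry",
    "deny host 10.2.4.5",
    "remark Deny traffic from Marketing",
    "deny 10.6.7.8",
    "remark Orphaned note",
    'ip access-list standard "ACL for Net1"',
    "remark " + "x" * 129,
    "deny host 10.2.4.5",
])

if __name__ == "__main__":
    for finding in audit_named_acls(SAMPLE):
        print(finding)
```
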

Brocade(config)# show access-list name entry

Standard IP access-list 99

deny host 10.2.4.5