beautypg.com

Deleting an ipv6 acl entry, Acl syntax – Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual

Page 199

background image

Multi-Service IronWare Security Configuration Guide

181

53-1003035-02

Configuring an IPv6 ACL

4

Deleting an IPv6 ACL entry

You can delete an ACL filter rule by providing the sequence number or without providing the
sequence number. To delete an ACL filter rule without providing a sequence number you must
specify the filter rule attributes. To delete an ACL filter rule providing a sequence number you can
provide the sequence number alone or the sequence number and the other filter rule attributes.

To delete a filter rule with the sequence number “23” from access list “

ipv6_acl

” by specifying the

sequence number alone, enter the following command.

Brocade(config)# ipv6 access-list ipv6_acl

Brocade(config-ipv6-access-list-ipv6_acl)# no sequence 23

You can also delete this entry by specifying both the entry sequence number and filter rule
attributes. For example:

Brocade(config)# ipv6 access-list ipv6_acl

Brocade(config-ipv6-access-list-ipv6_acl)# no sequence 23 deny esp 2::/64 any

Alternatively, you can delete this rule by providing the filter rule attributes only. For example:

Brocade(config)# ipv6 access-list ipv6_acl

Brocade(config-ipv6-access-list-ipv6_acl)# no deny esp 2::/64 any

NOTE

If you try to delete an ACL filter rule using the sequence number, but the sequence number that you
specify does not exist, the following error message will be displayed.

"Error: Entry with sequence 23 does not exist!"

ACL syntax

The following syntax rules apply for IPv6 ACLs.

Syntax: [no] ipv6 access-list acl name

Syntax: [no] permit | deny [ vlan vlan-id] protocol

ipv6-source-prefix/prefix-length | any | host source-ipv6_address
ipv6-destination-prefix/prefix-length | any | host ipv6-destination-address
[ipv6-operator [value]]
[copy-sflow] | [drop-precedence dp-value] | [drop-precedence-force dp-value] |
[dscp dscp-value] | [dscp-marking dscp-value] [mirror] | [priority-force number] |
[sequence num]

Syntax: [no] [sequence num] permit | deny [ vlan vlan-id] protocol

ipv6-source-prefix/prefix-length | any | host source-ipv6_address
ipv6-destination-prefix/prefix-length | any | host ipv6-destination-address
[ipv6-operator [value]]]
[copy-sflow] | [drop-precedence dp-value] | [drop-precedence-force ] |
[dscp dscp-value] | [dscp-marking dscp-value] [mirror] | [priority-force number]

Syntax: regenerate-seq-num [num]

See also other documents in the category Brocade Computer Accessories: