
Brocade Multi-Service IronWare Security Configuration Guide (Supporting R05.6.00) User Manual


Multi-Service IronWare Administration Configuration Guide

53-1003035-02

Backward compatibility with earlier releases


Extended IP access list 191 : 4 entries

11111: sequence 11111 permit ip host 1.191.1.1 198.19.1.0 0.0.0.255

12115: sequence 12115 deny ip host 1.191.1.11 198.19.1.0 0.0.0.255

29195: sequence 29195 deny ip host 1.191.1.249 198.19.1.0 0.0.0.255

30165: sequence 30165 permit ip any any

-------------------------------------------------

Brocade(config-acl-policy)# no suppress-acl-seq

Brocade(config-acl-policy)# display-config-format

Brocade(config-acl-policy)# exit

Brocade(config)# show access-list 191

ip access-list extended 191

sequence 11111 permit ip host 1.191.1.1 198.19.1.0 0.0.0.255

sequence 12115 deny ip host 1.191.1.11 198.19.1.0 0.0.0.255

sequence 29195 deny ip host 1.191.1.249 198.19.1.0 0.0.0.255

sequence 30165 permit ip any any

-------------------------------------------------

Brocade(config-acl-policy)# suppress-acl-seq

Brocade(config-acl-policy)# no display-config-format

Brocade(config-acl-policy)# exit

Brocade(config)# show access-list 191

Extended IP access list 191 : 4 entries

11111: permit ip host 1.191.1.1 198.19.1.0 0.0.0.255

12115: deny ip host 1.191.1.11 198.19.1.0 0.0.0.255

29195: deny ip host 1.191.1.249 198.19.1.0 0.0.0.255

30165: permit ip any any

-------------------------------------------------

Brocade(config-acl-policy)# suppress-acl-seq

Brocade(config-acl-policy)# display-config-format

Brocade(config-acl-policy)# exit

Brocade(config)# show access-list 191

ip access-list extended 191

permit ip host 1.191.1.1 198.19.1.0 0.0.0.255

deny ip host 1.191.1.11 198.19.1.0 0.0.0.255

deny ip host 1.191.1.249 198.19.1.0 0.0.0.255

permit ip any any

NOTE

Currently, the ACL duplication check does not evaluate the rule entries themselves after the
sequence number check. If the sequence number check is valid, the filter is considered to be unique
and no further checking is performed. This anomaly allows duplicate rules in an ACL as long as each
sequence number value is unique.
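
Because the device compares only sequence numbers, an audit for redundant entries has to compare the rule bodies. The following Python script is an added example, not part of the Brocade guide: it parses show access-list output in any of the four display formats above and reports rule bodies that appear under more than one sequence number. The sample listing is constructed (ACL 191 from this page plus a hypothetical entry at sequence 20000), and the names parse_acl and find_duplicates are illustrative.

```python
import re
from collections import defaultdict

# Matches one rule line in any of the four display formats shown above:
#   "11111: sequence 11111 permit ...", "sequence 11111 permit ...",
#   "11111: permit ...", "permit ..."
RULE_RE = re.compile(
    r"^\s*(?:(?P<idx>\d+):\s+)?(?:sequence\s+(?P<seq>\d+)\s+)?"
    r"(?P<rule>(?:permit|deny)\s+.+?)\s*$"
)

def parse_acl(text):
    """Return [(sequence_or_None, normalized_rule), ...] in listing order."""
    entries = []
    for line in text.splitlines():
        m = RULE_RE.match(line)
        if not m:
            continue  # header, prompt, separator or blank line
        seq = m.group("seq") or m.group("idx")
        rule = " ".join(m.group("rule").split())  # collapse whitespace
        entries.append((int(seq) if seq else None, rule))
    return entries

def find_duplicates(entries):
    """Map each rule body that occurs more than once to its sequence numbers."""
    seen = defaultdict(list)
    for seq, rule in entries:
        seen[rule].append(seq)
    return {rule: seqs for rule, seqs in seen.items() if len(seqs) > 1}

# Constructed sample: ACL 191 from this page plus one constructed entry
# (sequence 20000) that repeats the rule body of sequence 12115.
SAMPLE = """\
Extended IP access list 191 : 5 entries
11111: permit ip host 1.191.1.1 198.19.1.0 0.0.0.255
12115: deny ip host 1.191.1.11 198.19.1.0 0.0.0.255
20000: deny ip host 1.191.1.11 198.19.1.0 0.0.0.255
29195: deny ip host 1.191.1.249 198.19.1.0 0.0.0.255
30165: permit ip any any
"""

if __name__ == "__main__":
    for rule, seqs in find_duplicates(parse_acl(SAMPLE)).items():
        print(f"duplicate rule at sequences {seqs}: {rule}")
```

With suppress-acl-seq and display-config-format both enabled the listing carries no sequence numbers, so duplicates are reported with None in place of each sequence.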