[c-nsp] Problem with paste large ACLs
Ed Ravin
eravin at panix.com
Fri Jan 12 08:53:22 EST 2007
On Fri, Jan 12, 2007 at 10:33:43AM +0100, Jeroen Vos wrote:
> We have some problem with paste large ACLs >50 lines to a cisco 6500 (
> and others types also). It seems that after 50 lines some sort of buffer
> is filled and then, no rules are accepted anymore.
As another poster pointed out, it could be the settings of your terminal
program. But if you're cutting-and-pasting such long ACLs, you're bound
to have other problems sooner or later. Like what happens when you
paste in 100 line list with a syntax error on line 30?
If you have a Unix or Mac host, you might want to look at aclmaker - it's
a Perl script that lets you edit ACLs as text files on your local machine,
and pushes them up to the router in a careful and reliable way, including
doing a syntax check and automatically adjusting "access-group" statements
on interfaces to prevent lockout due to erroneous ACLs. It also lets
you run Cisco commands and save the output locally, or filter it through
Unix commands.
http://sourceforge.net/project/showfiles.php?group_id=25401
It might run on Windows too, but no one seems to have tried to port it yet.
There is also an interesting Windows product called Telconi Terminal that
is a front-end for managing a Cisco router - it has some features for
managing ACLs, though I don't think they do everything aclmaker does.
More information about the cisco-nsp
mailing list