[c-nsp] How to add new rule in the same access-list
Deric Kwok
deric.kwok2000 at gmail.com
Wed Feb 4 21:26:05 EST 2009
Hi
I have old rule in the switch but don't know how to add new rule in the same
access-list
When I add new deny rule, it will be put at the end of the access-list
If I remove the access-list 140, I have to re-type all lines again.
Please help.
Thank you
switch#sh access-list 140
Extended IP access list 140
deny udp any host 192.168.1.118 eq ntp log (4 matches)
permit udp host 192.168.1.114 host 192.168.1.118 eq snmp log
deny udp any host 192.168.1.118 eq snmp log
permit ip any any (49 matches)
switch#config t
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)#access-list 140 deny tcp any host 192.168.1.118 eq 123 log
switch#sh ip access-lists 140
Extended IP access list 140
deny udp any host 192.168.1.118 eq ntp log (6 matches)
permit udp host 192.168.1.114 host 192.168.1.118 eq snmp log (35
matches)
deny udp any host 192.168.1.118 eq snmp log
permit ip any any (174 matches)
deny tcp any host 192.168.1.118 eq 123 log
More information about the cisco-nsp
mailing list