[c-nsp] How to add new rule in the same access-list

TJ trejrco at gmail.com
Fri Feb 6 15:22:30 EST 2009


>> You can add lines if you use sequence numbers on your ACL. What version
>> are you using?
>>
>>
>>>> I have old rule in the switch but don't know how to add new rule in
>>>> the same access-list
>>>>
>>>> When I add new deny rule, it will be put at the end of the
>>>> access-list
>>>>
>>>> If I remove the access-list 140, I have to re-type all lines again.
>>>>
>>>
>>> That's correct. You need to remove and recreate it in the correct
>>> order lacking sequences.
>>>
>
>Like I said, if he doesn't have sequences (which based on the information
>given in the original question I can only assume he doesn't have an IOS that
>supports it on old-skool access lists).


With a word of caution - if this is an ACL that affects YOUR connectivity to
the router: removing the ACL is fine, but the first line you put back in
better be the line that lets you in!  Otherwise you'll be driving in ...
((Or, even better, either un-apply the ACL from the interface -or- start
over with a new ACL, with the new line(s), and apply that to the interface
(and then dump the ACL).  Oh, and the "reload in XX" command is your friend
(but don't forget the "reload cancel" part).))



MAN I am glad I don't need to do any of that any more, sequence numbers are
a Good Thing!
/TJ
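
The procedure described above (build a new ACL containing the new line, apply it to the interface, dump the old ACL, with "reload in" as the safety net), as an added example that is not part of the original post. The ACL entries, the interface name Vlan10, the new ACL number 141 and the helper name build_plan are constructed for illustration.

```python
import re

# Constructed sample, in the form the old ACL appears in the running config.
OLD_CFG = """\
access-list 140 permit tcp host 192.0.2.10 any eq 22
access-list 140 deny ip 198.51.100.0 0.0.0.255 any
access-list 140 permit ip any any
"""

def build_plan(cfg, old_id, new_id, new_rule, before, iface,
               direction="in", minutes=10, mgmt_rule=None):
    """Return the IOS commands, in order, to swap ACL old_id for new_id.

    new_rule is inserted ahead of the existing entry `before`. If mgmt_rule
    is given, it must still precede new_rule (exact text match only).
    """
    pat = re.compile(rf"^access-list {old_id} (.+)$")
    rules = [m.group(1).strip() for line in cfg.splitlines()
             if (m := pat.match(line.strip()))]
    if new_id == old_id:
        raise ValueError("build the replacement under a new ACL number")
    if before not in rules:
        raise ValueError(f"entry not found in ACL {old_id}: {before!r}")
    rules.insert(rules.index(before), new_rule)
    if mgmt_rule is not None:
        if mgmt_rule not in rules or rules.index(mgmt_rule) > rules.index(new_rule):
            raise ValueError("management permit would not precede the new rule")
    return (
        [f"reload in {minutes}",        # safety net: box reverts to startup-config
         "configure terminal"]
        + [f"access-list {new_id} {r}" for r in rules]
        + [f"interface {iface}",
           f"ip access-group {new_id} {direction}",  # replaces old_id in this direction
           "exit",
           f"no access-list {old_id}",  # dump the old ACL once it is unused
           "end",
           "reload cancel"]             # only after confirming you can still get in
    )

if __name__ == "__main__":
    print("\n".join(build_plan(
        OLD_CFG, 140, 141, "deny tcp any any eq 23", "permit ip any any",
        "Vlan10", mgmt_rule="permit tcp host 192.0.2.10 any eq 22")))
```

Do not save the configuration until access is confirmed, because the scheduled reload falls back to whatever is in the saved startup-config.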


