Technical data

ManualsBrandsApplication Systems ManualsComputer equipmentADX-64

62 ServerIron ADX NAT64 Configuration Guide

53-1002288-02

Modifying ACLs

DRAFT: BROCADE CONFIDENTIAL

Syntax: deny <options> | permit <options>

The standard | extended parameter indicates the ACL type.

The <acl-name> parameter is the ACL name. You can specify a string of up to 256 alphanumeric

characters. You can use blanks in the ACL name if you enclose the name in quotation marks (for

example, “ACL for Net1”). The <acl-num> parameter allows you to specify an ACL number if you

prefer. If you specify a number, enter a number from 1 – 99 for standard ACLs or 100 – 199 for

extended ACLs.

The remark <comment-text> adds a comment to the ACL entry that you are about to create. The

comment can have up to 128 characters in length. The comment must be entered separately from

the actual ACL entry; that is, you cannot enter the ACL entry and the ACL comment with the same

command. Also, in order for the remark to be displayed correctly in the output of show commands,

the comment must be entered immediately before the ACL entry it describes.

Enter deny to deny the specified traffic or permit to allow the specified traffic. Complete the

configuration by specifying <options> for the standard or extended ACL entry.

Named ACLs: inserting or replacing comments to existing ACL entries

To insert a comment to an existing entry in the ACL named melon, or to replace a comment for an

ACL entry, display the list of entries in the ACL.

ServerIronADX(config)# show access-list melon

Standard IP access-list melon

deny host 1.2.4.5

permit host 5.6.7.8

permit any

To add the comment "Permit all users" to the second entry in the list, enter a command such as the

following.

ServerIronADX(config)# ip access-list standard melon

ServerIronADX(config-std-nacl)# insert 3 remark Permit all users

Use the show access-list command to display the updated ACL.

ServerIronADX(config)#show access-list melon

Standard IP access-list melon

deny host 1.2.4.5

permit host 5.6.7.8

Permit all users

permit ip any any

To replace the comment for the third entry, enter commands such as the following.

ServerIronADX(config)# ip access-list standard melon

ServerIronADX(config-std-nacl)# replace 3 remark All users allowed

Entering the show access-list command displays the updated ACL.

ServerIronADX(config)# show access-list melon

Standard IP access-list melon

deny host 1.2.4.5

permit host 5.6.7.8

All users allowed

permit ip any any

Syntax: ip access-list standard | extended <acl-name> | <acl-num>

Syntax: insert <line-number> | replace <line-number> remark <comment-text>