Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

301

302

303

304

305

306

307

308

309

310

Creating and Committing a Security ACL

RoamAbout Mobility System Software Configuration Guide 15-9

Determining the ACE Order

Thesetsecurityaclcommandcreatesanewentryintheeditbufferandappendsthenewentryas

aruleattheendofanACL,unlessyouspecifyotherwise.TheorderofACEsissignificant,

becausetheearliestACEtakesprecedenceoverlaterACEs.ToplacetheACEsin

thecorrectorder,

usetheparametersbeforeeditbuffer‐indexandmodifyeditbuffer‐index.ThefirstACEisnumber1.

Tospecifytheorderofthecommands,usethefollowingparameters:

• beforeeditbuffer‐indexinserts anACEbeforeaspecificlocation.

• modifyeditbuffer‐indexchangesanexistingACE.

Ifthe

securityACLyouspecifywhencreatinganACEdoesnotexistwhenyouentersetsecurity

aclip,thespecifiedACLiscreatedintheeditbuffer.IftheACLexistsbutisnotintheeditbuffer,

theACLreverts,orisrolledback,tothestatewhenits

lastACEwascommitted,butitnow

includesthenewACE.

Fordetails,see“PlacingOneACEbeforeAnother”onpage 15‐17and“ModifyinganExisting

SecurityACL”onpage 15‐18.

Committing a Security ACL

ToputthesecurityACLsyouhavecreatedintoeffect,use thecommitsecurityaclcommandwith

thenameoftheACL.

Examples

Tocommitacl‐99,typethefollowingcommand:

RBT-8100# commit security acl acl-99

success: change accepted.

TocommitallthesecurityACLsintheeditbuffer,typethefollowingcommand:

RBT-8100# commit security acl all

success: change accepted.

Viewing Security ACL Information

TodeterminewhetherasecurityACLiscommitted,youcanchecktheeditbufferandthe

committedACLs.Afteryoucommitan ACL,MSSremovesitfromtheeditbuffer.

Example

TodisplayACLs,usethefollowingcommand:

show security acl editbuffer

show security acl info all editbuffer

show security acl info

show security acl

UsethefirsttwocommandstodisplaytheACLsthatyouhavenotyetcommittedtononvolatile

storage.ThefirstcommandliststheACLsbyname.ThesecondcommandshowstheACLsin

detail.