Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

311

312

313

314

315

316

317

318

319

320

Modifying a Security ACL

RoamAbout Mobility System Software Configuration Guide 15-19

Clearing Security ACLs from the Edit Buffer

UsetherollbackcommandtoclearchangesmadetothesecurityACLeditbuffersinceitwaslast

committed.TheACLisrolledbacktoitsstateatthelastcommitcommand.

Example

Forexample,supposeyouwanttoremoveanACEthatyoujustcreatedintheeditbufferforacl‐

111:

1. TodisplaythecontentsofallcommittedsecurityACLs,typethefollowingcommand:

RBT-8100# show security acl infoshow security acl info

ACL information for all

set security acl ip acl-111 (hits #4 0)

----------------------------------------------------

1. permit IP source IP 192.168.254.12 0.0.0.0 destination IP any

2. permit IP source IP 192.168.253.11 0.0.0.0 destination IP any

set security acl ip acl-2 (hits #1 0)

----------------------------------------------------

1. permit L4 Protocol 115 source IP 192.168.1.11 0.0.0.0 destination IP

192.168.1.15 0.0.0.0 precedence 0 tos 0 enable-hits

2. ToviewasummaryofthesecurityACLsforwhichyoujustcreatedACEsintheeditbuffer,

typethefollowingcommand:

RBT-8100# show security acl editbuffer

ACL edit-buffer table

ACL Type Status

------------------------------- ---- --------------

acl-a IP Not committed

acl-111 IP Not committed

3. ToviewdetailsabouttheseuncommittedACLs, typethefollowingcommand.Theentire

acl‐111isdisplayed,includingitscommittedACLs.

RBT-8100# show security acl info editbuffer

ACL edit-buffer information for all

set security acl ip acl-111 (ACEs 3, add 3, del 0, modified 2)

----------------------------------------------------

1. permit IP source IP 192.168.254.12 0.0.0.0 destination IP any

2. permit IP source IP 192.168.253.11 0.0.0.0 destination IP any

3. deny SRC source IP 192.168.253.1 0.0.0.255

set security acl ip acl-a (ACEs 1, add 1, del 0, modified 0)

----------------------------------------------------

1. permit SRC source IP 192.168.1.1 0.0.0.0

4. Tocleartheuncommittedacl‐111ACEfromtheeditbuffer,typethefollowingcommand:

RBT-8100# rollback security acl acl-111

5. Toensurethatyouhaveclearedtheacl‐111ACE,typethefollow ingcommand.Onlythe

uncommittedacl‐anowappears.

RBT-8100# show security acl info editbuffer

ACL edit-buffer information for all

set security acl ip acl-a (ACEs 1, add 1, del 0, modified 0)

----------------------------------------------------

1. permit SRC source IP 192.168.1.1 0.0.0.0