There is
no support for sequence numbering in software versions earlier than Cisco IOS Software Release
12.3; therefore, all the ACL additions for earlier software versions are placed at the end of the
ACL.
IP access list entry sequence numbering is a new edition to Cisco IOS Software that enables you
to use sequence numbers to easily add, remove, or reorder statements in an IP ACL. With Cisco
IOS Software Release 12.3 and later, additions can be placed anywhere in the ACL based on the
sequence number.
Earlier than Cisco IOS Software Release 12.3, only named ACLs enable the removal of individual
statements from an ACL using the following command:
nnoo {ddeennyy | ppeerrmmiitt} protocol source source-wildcard destination destination-wildcard
The protocol source source-wildcard destination destination-wildcard parameters match the line
you are trying to remove. With numbered ACLs, you would have to remove the whole list and recreate
it with the desired statements. With Cisco IOS Software Release 12.3 and later, you can also
use the no sequence-number command to delete a speci?¬?c access list entry.
Well-designed and well-implemented ACLs add an important security component to your
network.
Pages:
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325