Filter
Top Products
IPv4 Access Control Lists (ACLs)
Editing an Existing ACL
Deleting an ACE from an Existing ACL
This action uses ACL sequence numbers to delete ACEs from an ACL.
Syntax: ip access-list < standard | extended > < name-str | 1 - 99 | 100 - 199 >
no < seq-# >
The first command enters the “Named-ACL” context for the
specified ACL. The no command deletes the ACE corresponding
to the sequence number entered. (Range: 1 - 2147483647 )
1. To find the sequence number of the ACE you want to delete, use show run
or show access-list < name-str | 1 - 99 | 100-199 > to view the ACL.
2. Use ip access-list to enter the “Named-ACL” (nacl) context of the ACE.
This applies regardless of whether the ACE was originally created as a
numbered ACL or a named ACL.
3. In the “Named-ACL” context, type no and enter the sequence number of
the ACE you want to delete.
Figure 9-21 illustrates the process for deleting an ACE from a list:
ProCurve(config)# show run
. . .
ip access-list standard "My-List"
10 permit 10.10.10.25 0.0.0.0
15 deny 10.10.10.1 0.0.0.255
20 permit 10.20.10.117 0.0.0.0
30 deny 10.20.10.1 0.0.0.255
40 permit 0.0.0.0 255.255.255.255
exit
ProCurve(config)# ip access-list standard My-List
ProCurve(config-std-nacl)# no 20
ProCurve(config-std-nacl)# show run
. . .
ip access-list standard "My-List"
10 permit 10.10.10.25 0.0.0.0
15 deny 10.10.10.1 0.0.0.255
30 deny 10.20.10.1 0.0.0.255
40 permit 0.0.0.0 255.255.255.255
exit
ACL Before Deleting an ACE
This command enters the
“Named-ACL” (nacl)
context for “My-List”.
This command deletes the
ACE at line 20.
The ACE at line 20 has been
removed.
ACL After Deleting the ACE at Line 20
Figure 9-21. Example of Deleting an ACE from Any ACL
9-79