HP 6200YL User Manual
Page 242
IPv6 Access Control Lists (ACLs)
Editing an Existing ACL
ProCurve(Config)# ipv6 access-list My-list
ProCurve(config-ipv6-acl)# 45 permit icmp host 2001:db8:0:5ad::33 ::/0
ProCurve(config-ipv6-acl)# show run
. . .
ipv6 access-list "My-list"
10 permit ipv6 2001:db8:0:5ad::25/128 ::/0
20 permit ipv6 2001:db8:0:5ad::111/128 ::/0
30 permit icmp 2001:db8:0:5ad::115/128 ::/0
40 permit icmp 2001:db8:0:5ad::/64 ::/0
45 permit icmp 2001:db8:0:5ad::33 ::/0
50 permit icmp 2001:db8:0:5ad::19/128 ::/0
60 permit ipv6 ::/0 2001:db8:0:5ad::1/128
70 deny ipv6 2001:db8:0:5ad::/64 ::/0
80 permit ipv6 ::/0 ::/0
Inserts a new ACE
assigned to line 35.
exit
Enters the “Named-ACL context for “My-list”.
Figure 8-19. Example of Inserting an ACE in an Existing ACL
From within the context of an IPv6 ACL named “List-01”, insert a new ACE
between two existing ACEs. In this example, the first command creates a new
ACL and enters the ACL context. The next two ACEs entered become lines 10
and 20 in the list. The third ACE entered is inserted between lines 10 and 20
by using the sequence command with a sequence number of 11.
Becomes Line 10
ProCurve(config)# Port_1_5400(config)# ipv6 access-list List-01
Becomes Line 20
ProCurve(config-ipv6-acl)# permit ipv6 host fe80::100 host fe80::200
ProCurve(config-ipv6-acl)# permit ipv6 host fe80::103 any
ProCurve(config-ipv6-acl)# 11 permit ipv6 host fe80::110 host fe80::
ProCurve(config-ipv6-acl)# show run
Running configuration:
. . .
ipv6 access-list "List-01"
10 permit ipv6 fe80::100/128 fe80::200/128
11 permit ipv6 fe80::110/128 fe80::210/128
20 permit ipv6 fe80::103/128 ::/0
exit
Lines 10 and 20 were
automatically numbered
accord-ing to their order of
entry in the list.
Line 11 was explicitly
numbered by the 11 permit
command and was inserted
in its proper place in the list.
Figure 8-20. Example of Inserting an ACE into an Existing Sequence
8-66