Editing an existing acl, General editing rules, General editing rules -63 – HP 6200YL User Manual

IPv6 Access Control Lists (ACLs)

Editing an Existing ACL

Editing an Existing ACL

The CLI provides the capability for editing in the switch by using sequence
numbers to insert or delete individual ACEs. An offline method is also avail­
able. This section describes using the CLI for editing ACLs. To use the offline
method for editing ACLs, refer to “Creating or Editing ACLs Offline” on page
8-84.

General Editing Rules

You can use the CLI to delete individual ACEs from anywhere in an ACL,
append new ACEs to the end of an ACL, and insert new ACEs anywhere within
an ACL.

■

When you enter a new ACE in an ACL without specifying a sequence
number, the switch inserts the ACE as the last entry in the ACL.

■

When you enter a new ACE in an ACL and include a sequence number,
the switch inserts the ACE according to the position of the sequence
number in the current list of ACEs.

■

You can delete an ACE by using the

ipv6 access-list < identifier > com­

mand to enter the ACL’s context, and then

no < seq-# > (page 8-67).

■

Deleting the last ACE from an ACL leaves the ACL in the configuration
as an “empty” ACL placeholder that cannot perform any filtering
tasks. (In any ACL the Implicit Deny does not apply unless the ACL
includes at least one explicit ACE.) (Refer to the Notes on the
preceding page and to “Empty ACL” on page 8-10.)

8-63