Operating notes for remarks, Operating notes for remarks -73 – HP 6200YL User Manual
Page 249
IPv6 Access Control Lists (ACLs)
Editing an Existing ACL
Using the
no <1-2147483647> command without the remark keyword deletes
both the remark and the ACE to which it is attached.
Operating Notes for Remarks
■
An “orphan” remark is a remark that does not have an ACE counter
part with the same sequence number. The
resequence command
renumbers an orphan remark as a sequential, standalone entry
without a permit or deny ACE counterpart.
ipv6 access-list "XYZ"
10 remark "Permits HTTP"
10 permit tcp 2001:db8::2:1/120 eq 80 ::/0
12 remark "Denies HTTP from subnet 1."
18 remark "Denies pop3 from 1:157."
18 deny tcp 2001:db8::1:157/128 eq 110 ::/0 log
50 permit ipv6 ::/0 ::/0
exit
ProCurve# ipv6 access-list resequence XYZ 100 10
ProCurve# show access-list XYZ config
ipv6 access-list "XYZ"
100 remark "Permits HTTP"
100 permit tcp 2001:db8::2:1/120 eq 80 ::/0
110 remark "Denies HTTP from subnet 1."
120 remark "Denies pop3 from 1:157."
120 deny tcp 2001:db8::1:157/128 eq 110 ::/0 log
130 permit ipv6 ::/0 ::/0
exit
■
Entering either an unnumbered remark followed by a manually
numbered ACE (using
<1-2147483647>), or the reverse (an unnum
bered ACE followed by a manually numbered remark) can result in
an “orphan” remark.
■
Configuring two remarks without including either sequence numbers
or an intervening, unnumbered ACE results in the second remark
overwriting the first.
8-73