Cisco删除及添加access-list中的条目

Cisco删除及添加access-list中的条目


先看一下ACL 20
Router#show access-lists
Standard IP access list 20
    10 permit host 172.18.0.10
    20 permit host 172.18.0.11
    30 permit host 172.18.0.12
    40 permit host 172.18.0.13
    50 permit host 172.18.0.14
    60 permit host 172.18.0.15
    70 permit host 172.18.0.16
    80 permit host 172.18.0.17
    90 permit host 172.18.0.18
    100 permit host 172.18.0.19
    110 permit host 172.18.0.20

Router#show ip access-lists
Standard IP access list 20
    10 permit host 172.18.0.10
    20 permit host 172.18.0.11
    30 permit host 172.18.0.12
    40 permit host 172.18.0.13
    50 permit host 172.18.0.14
    60 permit host 172.18.0.15
    70 permit host 172.18.0.16
    80 permit host 172.18.0.17
    90 permit host 172.18.0.18
    100 permit host 172.18.0.19
    110 permit host 172.18.0.20

删除ACL中的条目
Router(config)#ip access-list standard 20
Router(config-std-nacl)#no 40
Router(config-std-nacl)#no 50
Router(config-std-nacl)#no 60
Router(config-std-nacl)#no 70
Router(config-std-nacl)#no 80
Router(config-std-nacl)#no 90

再看一下条目，40 50 60 70 80 90已被删除
Router#show ip access-lists
Standard IP access list 20
    10 permit host 172.18.0.10
    20 permit host 172.18.0.11
    30 permit host 172.18.0.12
    100 permit host 172.18.0.19
    110 permit host 172.18.0.20

如果要在中间添加条目
Router(config)#ip access-list standard 20
Router(config-std-nacl)#50 permit 172.18.0.111
Router(config-std-nacl)#60 permit 172.18.0.222
Router(config-std-nacl)#55 permit 172.18.0.150


再看一下
Router#show access-lists
Standard IP access list 20
    10 permit host 172.18.0.10
    20 permit host 172.18.0.11
    30 permit host 172.18.0.12
    50 permit host 172.18.0.111
    55 permit host 172.18.0.150
    60 permit host 172.18.0.222
    100 permit host 172.18.0.19
    110 permit host 172.18.0.20


如果是扩展ACL
Router(config)#ip access-list extended xxx



9:07 2018/4/4

转载于:https://blog.51cto.com/16678/2094559