An ACL rule or range of rules can be moved to a different location in the ACL using the move before command.
The following example displays an extended ACL 121 and moves entries 3 and 4 to before entry 2:
System(rw-config)->ip access-list extended 121 System(rw-cfg-ext-acl)->show access-lists 121 Extended IP access list 121 (5 entries) 1 deny ip 20.0.0.1 0.0.255.255 any 2 permit ip any any 3 deny ip 30.0.0.1 0.0.255.255 any 4 deny ip 40.0.0.1 0.0.255.255 any -- implicit deny all -- System(rw-cfg-ext-acl)->move before 2 from 3 to 4 System(rw-cfg-ext-acl)->show access-lists 121 Extended IP access list 121 (5 entries) 1 deny ip 20.0.0.1 0.0.255.255 any 2 deny ip 30.0.0.1 0.0.255.255 any 3 deny ip 40.0.0.1 0.0.255.255 any 4 permit ip any any -- implicit deny all --
This example enters configuration mode for standard IPv6 access list acl2 and moves rule entries 10 - 12 before rule entry 5:
System(rw-config)->ipv6 access-list standard acl2 System(rw-cfg-ipv6-std-acl)->move before 5 from 10 to 12 System(rw-cfg-ipv6-std-acl)->
This example enters configuration mode for L2 ACL list2 and moves rule entry 20 before rule entry 10:
System(rw-config)->l2 access-list list2 System(rw-cfg-l2-acl)->move before 10 from 20 to 20 System(rw-cfg-l2-acl)->
Print
this page
Email this topic
Feedback
View PDF
Download EPUB