no (ipv4-acl)

Removes a deny, permit, or disable rule

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

no [deny|disable|permit]
no [deny|permit] [<NETWORK-SERVICE-ALIAS-NAME>|icmp|ip|proto|tcp|udp] 
<RULE-PARAMETERS>
no disable [deny|permit] [<NETWORK-SERVICE-ALIAS-NAME>|icmp|ip|proto|tcp|udp] 
<RULE-PARAMETERS>

Parameters

no [deny|permit] <NETWORK-SERVICE-ALIAS-NAME>icmp|ip|proto|tcp|udp] <RULE-PARAMETERS>

no [deny|permit]

Removes a deny or permit rule from the selected IP access list

<NETWORK-SERVICE-ALIAS-NAME>

Removes a deny or permit rule applicable to the specified network-service alias

  • <NETWORK-SERVICE-ALIAS-NAME> – Specify the network-service alias name (should be associated with the deny/permit rule).

icmp

Removes a deny or permit rule applicable to ICMP packets only

ip

Removes a deny or permit rule applicable to IP packets only

proto

Removes a deny or permit rule applicable to protocols (other than IP, ICMP, TCP, and UDP)

[tcp|udp]

Removes a deny or permit rule applicable to TCP/UDP packets

<RULE-PARAMETERS>

Enter the exact parameters used when configuring the rule.

rule-precedence <1-5000> rule-description <LINE>

Specify the precedence assigned to this deny/permit rule.

  • rule-description – Optional. Specify the rule description.

Note: The system removes the rule from the selected ACL.

no disable [deny|permit] [<NETWORK-SERVICE-ALIAS-NAME>|icmp|ip|proto|tcp|udp] 
<RULE-PARAMETERS>

no disabled [deny|permit]

Removes a disabled deny or permit rule from the selected IP access list

<NETWORK-SERVICE-ALIAS-NAME>

Removes a disabled deny or permit rule applicable to the specified network-service alias

  • <NETWORK-SERVICE-ALIAS-NAME> – Specify the network-service alias name (should be associated with the deny/permit rule).

icmp

Removes a disabled deny or permit rule applicable to ICMP packets only

ip

Removes a disabled deny or permit rule applicable to IP packets only

proto

Removes a disabled deny or permit rule applicable to protocols (other than IP, ICMP, TCP, and UDP)

[tcp|udp]

Removes a disabled deny or permit rule applicable to TCP/UDP packets

<RULE-PARAMETERS>

Enter the exact parameters used when configuring the rule.

rule-precedence <1-5000> rule-description <LINE>

Specify the precedence assigned to this disabled deny/permit rule.

  • rule-description – Optional. Specify the rule description.

Note: The system removes the disabled rule from the selected ACL.

Usage Guidelines

Provide the rule-precedence value when using the no command.

Examples

The following example shows the ACL ‘test‘ settings before the ‘no‘ commands are executed:
<exsw1>(config-ip-acl-test)#show context
ip access-list test
 deny proto vrrp any any log rule-precedence 600
            deny proto ospf any any log rule-precedence 650
<exsw1>(config-ip-acl-test)#
<exsw1>(config-ip-acl-test)#no deny proto vrrp any any rule-precedence 600
<exsw1>(config-ip-acl-test)#no deny proto ospf any any rule-precedence 650
The following example shows the ACL ‘test‘ settings after the ‘no‘ commands are executed:
<exsw1>(config-ip-acl-test)#show context
ip access-list test
<exsw1>(config-ip-acl-test)#