Adds rules and configures the rule precedence list for an access-list.
access-list | Configures access-list rule model. |
rule-precedence | Specifies modifying a rule's precedence in the access-list. |
list_dot_rule | Specifies the access-list name and rule name in the format list_name.rule_name. |
after | Moves the rule after an existing entry. |
before | Moves the rule before an existing entry. |
member_rule | Specifies the access-list name and rule name in format list_name.rule_name. |
first | Makes the rule the first. |
last | Makes the rule the last. |
N/A.
An access-list always contains at least one rule and is not active or programmed until it is assigned to a profile. Assigning a different profile ID to an access-list that already has one overwrites the current value. Setting the profile ID to “none” removes the access-list from the active/programmed rules. A profile ID can only be assigned to an access-list, and not per rule, so the list_name must only contain an access-list and not a list_dot_rule value.
The following example places the access-list "ACL1.ace3" before "ACL1.ace1":
# configure policy access-list rule-precedence ACL1.ace3 before ACL1.ace1
This command was first available in ExtremeXOS 30.5.
This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, X870, 5320, 5420, and 5520 series switches.