Towards editing ACLs, you can disable the default restriction on duplicate rules within an ACL. You can then create a duplicate rule at a new sequence before deleting the previous version.
Note
We recommend that after ACL-editing sessions towards which you disabled duplicate-rule check, restore the default setting—by entering the no allow-duplicate-rules command.device# show running-config mac access-list extended mac1 mac access-list extended mac1 seq 10 permit host 0001.0001.0001 any seq 20 deny host 0001.0001.0002 any count seq 30 hard-drop host 0001.0001.0003 any mirror
device# configure terminal device(config)# acl-policy device(config-acl-policy)# allow-duplicate-rules
device(config-acl-policy)# exit device(config)# mac access-list mac1 device(conf-macl-ext)# seq 11 hard-drop host 0001.0001.0003 any mirror device(conf-macl-ext)# no seq 30
device(conf-macl-ext)# exit device(config)# acl-policy device(config-acl-policy)# no allow-duplicate-rules