set security acl 459
Examples — The following commands show the edit buffer before a
rollback, clear any changes in the edit buffer to security acl_122, and
show the edit buffer after the rollback:
WX4400# display security acl info all editbuffer
ACL edit-buffer information for all
set security acl ip acl_122 (ACEs 3, add 3, del 0, modified 0)
1. permit IP source IP destination IP any enable-hits
2. deny IP source IP destination IP any
3. deny SRC source IP enable-hits
WX4400# rollback security acl acl_122
WX4400# display security acl info all editbuffer
ACL edit-buffer information for all
See Also
display security acl on page 450
set security acl In the edit buffer, creates a security access control list (ACL), adds one
access control entry (ACE) to a security ACL, and/or reorders ACEs in the
ACL. The ACEs in an ACL filter IP packets by source IP address, a Layer4
protocol, or IP, ICMP, TCP, or UDP packet information.
By source address
Syntaxset security acl ip acl-name {permit [cos cos] | deny}
source-ip-addr mask [before editbuffer-index | modify
editbuffer-index] [hits]
By Layer 4 protocol
Syntaxset security acl ip acl-name {permit [cos cos] | deny}
protocol-number {source-ip-addr mask destination-ip-addr
mask} [precedence precedence] [tos tos] [before
editbuffer-index | modify editbuffer-index] [hits]
By IP packets
Syntaxset security acl ip acl-name {permit [cos cos] | deny}
ip {source-ip-addr mask destination-ip-addr mask} [precedence
precedence] [tos tos] [before editbuffer-index | modify
editbuffer-index] [hits]