Velocity Reviews - Computer Hardware Reviews


delete an entry from the access list...

 
 
David Butler
 
      11-16-2003
can someone tell me how to do this... i've added an extra entry that I don't
need.


 
 
 
 
 
Unregistered
 
      11-16-2003

If it is a numbered access list you can't delete a single entry line in
the access list. What I usually do is write out my access lists in
notepad or other text editor and upload them to the router and apply
them. That way when you need to change one line all you do is edit the
line in the text editor and reupload it to the router after you have
removed the old one.

On the other hand if you use a named access list as opposed to a
numbered one you can remove lines.

Pa


 
 
 
 
 
Walter Roberson
 
      11-16-2003
In article <3fb767d4$0$12672$(E-Mail Removed)>,
David Butler <(E-Mail Removed)> wrote:
:can someone tell me how to do this... i've added an extra entry that I don't
:need.

You don't say what you're using.

If you are using one of Cisco's routers, then you will have to remove
the access list and recreate it.

If you are using a PIX, then you can go into configure mode and
use 'no ' followed by the entry you want, such as

no access-list out2in permit udp any any netbios-ns
--
History is a pile of debris -- Laurie Anderson
 
 
Scooby
 
      11-16-2003
That's not true about having to remove the access-list on the routers. Yes,
it was true at one time, but the IOS now supports better management. I
guess it depends what version of the IOS you are running. Not sure exactly
when these features were implemented, but here is how it works now...

Let's say this is your access list:

access-list 100 permit tcp any host 10.10.10.10 eq www
access-list 100 permit udp any host 10.10.10.10 eq domain
access-list 100 permit icmp any any echo-reply
access-list 100 deny ip any any log

and you wanted to get rid of the echo-reply line. You'd just type the
following:

conf t
ip access-list ext 100
no permit icmp any any echo-reply

Here's also what is really cool. If you do a show ip access-list, it will
show something like this:

10 access-list 100 permit tcp any host 10.10.10.10 eq www
20 access-list 100 permit udp any host 10.10.10.10 eq domain
30 access-list 100 permit icmp any any echo-reply
40 access-list 100 deny ip any any log

Then you can just do

conf t
ip access-list ext 100
no 30

Once in the access-list edit you can also do something like this:

5 permit udp any any eq bootps

This would insert the item at the front of the list. These line numbers
will keep until you reboot and then they will reorg to multiples of 10.





"Walter Roberson" <(E-Mail Removed)-cnrc.gc.ca> wrote in message
news:bp8j88$4e3$(E-Mail Removed)...
> In article <3fb767d4$0$12672$(E-Mail Removed)>,
> David Butler <(E-Mail Removed)> wrote:
> :can someone tell me how to do this... i've added an extra entry that I don't
> :need.
>
> You don't say what you're using.
>
> If you are using one of Cisco's routers, then you will have to remove
> the access list and recreate it.
>
> If you are using a PIX, then you can go into configure mode and
> use 'no ' followed by the entry you want, such as
>
> no access-list out2in permit udp any any netbios-ns
> --
> History is a pile of debris -- Laurie Anderson



 
 
Richard Deal
 
      11-16-2003
To all,

The assumption of deleting a specific router ACL entry is no longer true.
Cisco now supports "sequenced ACLs". This feature was first introduced in
12.2(14)S and has been integrated into 12.2(15)T and 12.3(2)T. It is now,
FINALLY, easy to edit ACLs without having to use a text editor!!! It's about
*?^%$* time Cisco listened to their customers on this one. I've been
complaining about this ever since ACLs came out in 94.

Cheers!
--

Richard A. Deal

Cisco Test Prep author for QuizWare, providing the most comprehensive Cisco
exams on the market (www.quizware.com)

Author of CCNA Cisco Certified Network Associate Study Guide (Exam 640-801),
CCNP BCMSN Exam Cram 2, Cisco PIX Firewalls, CCNA Secrets Revealed!, CCNP
Remote Access Exam Prep, CCNP Switching Exam Cram, and CCNP Cisco LAN Switch
Configuration Exam Cram

Visit my home page at http://home.cfl.rr.com/dealgroup/



"Walter Roberson" <(E-Mail Removed)-cnrc.gc.ca> wrote in message
news:bp8j88$4e3$(E-Mail Removed)...
> In article <3fb767d4$0$12672$(E-Mail Removed)>,
> David Butler <(E-Mail Removed)> wrote:
> :can someone tell me how to do this... i've added an extra entry that I don't
> :need.
>
> You don't say what you're using.
>
> If you are using one of Cisco's routers, then you will have to remove
> the access list and recreate it.
>
> If you are using a PIX, then you can go into configure mode and
> use 'no ' followed by the entry you want, such as
>
> no access-list out2in permit udp any any netbios-ns
> --
> History is a pile of debris -- Laurie Anderson
>



 
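The two approaches discussed in this thread, as an added example that is not part of any poster's message: given `show ip access-lists` output, the Python below emits either the single-line delete by sequence number (the sequenced-ACL method in the two posts above) or the remove-and-recreate command list for releases without sequenced ACLs (the earlier replies). The function names and the sample output are assumptions made for illustration.

```python
import re

# Constructed sample in "show ip access-lists 100" layout (entries from the thread).
SHOW_OUTPUT = """\
Extended IP access list 100
    10 permit tcp any host 10.10.10.10 eq www (12 matches)
    20 permit udp any host 10.10.10.10 eq domain
    30 permit icmp any any echo-reply (3 matches)
    40 deny ip any any log
"""

HEADER = re.compile(r"^(Standard|Extended) IP access list (\S+)")
ENTRY = re.compile(r"^\s+(\d+)\s+(.*?)(?:\s+\(\d+ match(?:es)?\))?\s*$")


def parse_show(text):
    """Return (kind, name, [(seq, rule), ...]) from output for a single ACL."""
    kind, name, entries = None, None, []
    for line in text.splitlines():
        h, e = HEADER.match(line), ENTRY.match(line)
        if h:
            kind, name = h.group(1).lower(), h.group(2)
        elif e:
            entries.append((int(e.group(1)), e.group(2)))  # hit counter stripped
    return kind, name, entries


def find_seq(entries, rule):
    # Whitespace-normalised exact match; refuse to guess on zero or several hits.
    wanted = " ".join(rule.split())
    hits = [seq for seq, r in entries if " ".join(r.split()) == wanted]
    if len(hits) != 1:
        raise ValueError(f"expected exactly one match for {rule!r}, found {len(hits)}")
    return hits[0]


def sequenced_delete(text, rule):
    """Commands for an IOS release with sequenced ACLs: remove one line by number."""
    kind, name, entries = parse_show(text)
    seq = find_seq(entries, rule)
    return ["configure terminal", f"ip access-list {kind} {name}", f"no {seq}", "end"]


def rebuild(text, rule):
    """Commands for older IOS: drop the whole numbered list and re-enter the rest."""
    kind, name, entries = parse_show(text)
    drop = find_seq(entries, rule)
    keep = [f"access-list {name} {r}" for seq, r in entries if seq != drop]
    return ["configure terminal", f"no access-list {name}", *keep, "end"]
```

The `rebuild` output is meant to be pasted as one block: while the numbered list is absent, an interface that references it is not filtering.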
 
Oleg Malkov
 
      11-18-2003
Hi,

You can copy the configuration to a TFTP server, edit it and copy it back to
your device. Also you can try to use WinAgents IOS Config Editor - it
contains an embedded TFTP Server and allows you to copy configs using SNMP. Take
a look at http://www.winagents.com/cisco-config-editor.htm

--
Sincerely,
Oleg Malkov

WinAgents Software Group


"David Butler" <(E-Mail Removed)> wrote in message
news:3fb767d4$0$12672$(E-Mail Removed)...
> can someone tell me how to do this... i've added an extra entry that I don't
> need.
>
>



 