cisco 6000 msfc ACL

[definityman]

Hi all,
each time i've to modify my ACL's on my cisco 6000 msfc, i ve to disable them , remove, create a word document with all the content of the ACL's i'm modifying plus the new rules i've to add with last instruction deny any any copy the content of the word document and paste to the command line on the MSFC.
Does someone know if is it possible to modify the ACL's directly ( adding only the needed lines and beeing sure that the last line is always deny any any )without having to disable,remove and rewrite all the ACL content.

Thanks in advance.

Ragards

 

[RookThis]

I don't believe so. You have to go through the process of disabling it from the interface and then remove it and re-add it: no access-list <id>, then adding it again and enabling it. I'd be interesting in seeing if there is a different way to do this.

 

[BuckWeet]

Well do this, copy that ACL to like a backup ACL2 or whatever.. So you have to ACL's that are the same..


Go to the interface, apply ACL2, your rules will still be in place..


Then edit ACL, put it back into the switch, go back to the interface and apply it back to ACL

BuckWeet

 

[vipergg]

there is but you must be running the latest Cisco IOS and go to named access-lists , in the latest version it puts numbers in front of the permit or deny statements and you can add and delete things on the fly . Only took them 20 years to make the whole ACL ordeal easier . But named ACL's and the latest code is certainly a lot easier .