액세스 리스트 편집

액세스 리스트를 삭제시 전체가 삭제되는 문제점 

access-list 2의 두 번째 중인 access-list 2 deny host 200.200.1.10삭제

RTA# show run | in access-list 2
  access-list 2 deny 192.168.1.32
  access-list 2 deny 200.200.1.10
  access-list 2 permit any
RTA# conf t
RTA(config)# no access-list 2 deny 200.200.1.10
RTS# show run | in access-list 2
RTA#
access-list 2 전체가 삭제됨

---

액세스 리스트 항목 삭제, 수정, 삽입

 과거에는 액세스 리스트를 수정할 때마다 액세스 리스트 전체를 삭제하고 다시 설정하는 방식으로 수정

 

삭제

RTA(config)# ip access-list standard 2
RTA(config-std-nacl)# no deny 200.200.1.10
RTA# show ip access-lists 2
Standard IP access list 2
    10 deny 192.168.1.32
    30 permit any

 

가장 마지막에 삽입

RTA(config)# ip access-list standard 2
RTA(config-std-nacl)# deny 192.168.2.0 0.0.0.255
RTA# show ip access-lists 2
Standard IP access list 2
    10 deny 192.168.1.32
    30 permit any
    40 deny 192.168.2.0, wildcard bits 0.0.0.255

 

일련번호를 사용하여 원하는 위치에 삽입

RTA(config)# ip access-list standard 2
RTA(config-std-nacl)# 15 deny 192.168.2.0 0.0.0.255
RTA# show ip access-lists 2
Standard IP access list 2
    10 deny 192.168.1.32
    15 deny 192.168.2.0, wildcard bits 0.0.0.255
    30 permit any

 

일련번호 재조정 (Packet Tracer 미지원)

ip access-list resequence {access-list-number|access-listname} starting-sequence-number incremental-sequence-number

RTA# show ip access-lists 2
Standard IP access list 2
    10 deny 192.168.1.32
    11 deny 192.168.1.40
    12 deny 192.168.1.41
    13 deny 192.168.1.45
    14 deny 192.168.1.47
    15 deny 192.168.2.0, wildcard bits 0.0.0.255
    30 permit any
RTA(config)# ip access-list resequence 2 5 5

 

ip access-list resequence 2 5 5

2: access-list 번호
5: access-list 시작번호
5: access-list number 증분값