504 CHAPTER 14: S ECURITY ACL COMMANDSExamples — The following commands show the edit buffer before arollback, clear any changes in the edit buffer to security acl_122, andshow the edit buffer after the rollback:WX4400# display security acl info all editbufferACL edit-buffer information for allset security acl ip acl_122 (ACEs 3, add 3, del 0, modified 0)---------------------------------------------------------1. permit IP source IP 20.0.1.11 0.0.0.255 destination IP any enable-hits2. deny IP source IP 20.0.2.11 0.0.0.0 destination IP any3. deny SRC source IP 192.168.1.234 255.255.255.255 enable-hitsWX4400# rollback security acl acl_122WX4400# display security acl info all editbufferACL edit-buffer information for allSee Also display security acl on page 494set security acl In the edit buffer, creates a security access control list (ACL), adds oneaccess control entry (ACE) to a security ACL, and/or reorders ACEs in theACL. The ACEs in an ACL filter IP packets by source IP address, a Layer 4protocol, or IP, ICMP, TCP, or UDP packet information.By source addressSyntax — set security acl ip acl-name {permit [cos cos] | deny}source-ip-addr mask [before editbuffer-index | modifyeditbuffer-index] [hits]By Layer 4 protocolSyntax — set security acl ip acl-name {permit [cos cos] | deny}protocol-number {source-ip-addr mask destination-ip-addrmask} [precedence precedence] [tos tos] [beforeeditbuffer-index | modify editbuffer-index] [hits]By IP packetsSyntax — set security acl ip acl-name {permit [cos cos] | deny}ip {source-ip-addr mask destination-ip-addr mask} [precedenceprecedence] [tos tos] [before editbuffer-index | modifyeditbuffer-index] [hits]
