Nortel 2350 用户指南
Configuring and managing security ACLs 427
Nortel WLAN—Security Switch 2300 Series Configuration Guide
Adding another ACE to a security ACL
The simplest way to modify a security ACL is to add another ACE. For example, suppose you wanted to modify an
existing ACL named acl-violet. Follow these steps:
existing ACL named acl-violet. Follow these steps:
1
To display all committed security ACLs, type the following command:
WSS# show security acl info
ACL information for all
ACL information for all
set security acl ip acl-violet (hits #2 0)
----------------------------------------------------
1. permit IP source IP 192.168.253.1 0.0.0.255 destination IP
any enable-hits
----------------------------------------------------
1. permit IP source IP 192.168.253.1 0.0.0.255 destination IP
any enable-hits
2
To add another ACE to the end of acl-violet, type the following command:
WSS# set security acl ip acl-violet permit 192.168.123.11 0.0.0.255 hits
3
To commit the updated security ACL acl-violet, type the following command:
WSS# commit security acl acl-violet
success: change accepted.
success: change accepted.
4
To display the updated acl-violet, type the following command:
WSS# show security acl info
ACL information for all
ACL information for all
set security acl ip acl-violet (hits #2 0)
----------------------------------------------------
1. permit IP source IP 192.168.253.1 0.0.0.255 destination IP
any enable-hits
2. permit IP source IP 192.168.123.11 0.0.0.255 destination IP
any enable-hits
----------------------------------------------------
1. permit IP source IP 192.168.253.1 0.0.0.255 destination IP
any enable-hits
2. permit IP source IP 192.168.123.11 0.0.0.255 destination IP
any enable-hits