access-list reset
Syntax
access-list {all|ipDescription
Changes the user-specified ACL configuration to match the active ACL configuration. Use this command when a discrepancy exists between what the user configured and what is active and accepted by the system.
Command context
config
Parameters
-
all|ip|ipv6 |mac -
Specifiesoneof the following:
a reset of
allACLs.a reset of a named IPv4 ACL.
a reset of a named IPv6 ACL.
a reset of a named MAC ACL.
Authority
Administrators or local user group members with execution rights for this command.
Usage
The output of theshow access-listcommand displays the active configuration of the product. The active configuration is the ACLs that have been configured and accepted by the system. The output of theshow access-listcommand with theconfiguration参数,显示的acl配置ured. The output of this command may not be the same as what was programmed in hardware or what is active on the product.
If the active ACLs and user-configured ACLs are not the same, a warning message is displayed in the output of the show command. Modify the user-configured ACL until the warning message is no longer displayed or run theaccess-list resetcommand to change the user-specified configuration to match the active configuration.
Examples
Apply an ACL with TCP acknowledgments (ACKs) on egress, which is unsupported by hardware:
switch(config-acl)#10 permit tcp 172.16.2.0/16 any ack
Displaying the user-specified configuration:
switch(config)#do show access-list commands! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. access-list ip TEST_ACL ! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. interface 1/1/1 apply access-list ip TEST_ACL out switch(config)# do show access-list commands configuration ! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. access-list ip TEST_ACL 10 permit tcp 172.16.2.0/255.255.0.0 any ack ! access-list ip TEST_ACL user configuration does not match active configuration. ! run 'access-list TYPE NAME reset' to reset access-list to match active configuration. interface 1/1/1 apply access-list ip TEST_ACL out switch(config)# do show access-list Type Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- % Warning: TEST_ACL user configuration does not match active configuration. % run 'access-list TYPE NAME reset' to reset access-list to match active configuration. IPv4 TEST_ACL switch(config)# do show access-list configuration Type Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- % Warning: TEST_ACL user configuration does not match active configuration. % run 'access-list TYPE NAME reset' to reset access-list to match active configuration. IPv4 TEST_ACL 10 permit tcp 172.16.2.0/255.255.0.0 any ack
switch(config)#access-list ip TEST_ACL reset
Displaying the updated user-specified configuration.
switch(config)#do show access-list commandsaccess-list ip TEST_ACL interface 1/1/1 apply access-list ip TEST_ACL out switch(config)#do show access-list commands configurationaccess-list ip TEST_ACL interface 1/1/1 apply access-list ip TEST_ACL out switch(config)#do show access-listType Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- IPv4 TEST_ACL switch(config)#do show access-list configurationType Name Sequence Comment Action L3 Protocol Source IP Address Source L4 Port(s) Destination IP Address Destination L4 Port(s) Additional Parameters ------------------------------------------------------------------------------- IPv4 TEST_ACL