Great Circle Associates Firewalls
(July 1995)
 


Subject: Re: Changing a (cisco) firewall setup.
From: "Jim Carroll" <jcarroll @ wellspring . us . dg . com>
Organization: Data General (Canada) Inc.
Date: Wed, 19 Jul 1995 14:40:38 -0500
To: firewalls @ greatcircle . com
Comments: Authenticated sender is <jcarroll @ wellspring . us . dg . com>
Priority: normal
Reply-to: jcarroll @ wellspring . us . dg . com

Rumour has it that on 19 Jul 95 at 9:41, Greg Nenych said:

> I think there's some confusion here about this point.  Let's say that
> you have a setup something like
> 
> 	access-list 101 whatever...
> 	interface ethernet 0
> 	ip access-group 101
> 
> and you want to change the access list in a secure manner.  To do this,
> create a new access list, verify that you typed it in correctly, and then
> apply it to the interface.
> 
> 	access-list 102 whatever...
> 	interface ethernet 0
> 	ip access-group 102

Understood.  No confusion here.

But that presumes we are not fallible.  If you have the scenario:

     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
  (dang, wrong order!)
     no access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
  (dang, a typo!)
     no access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
     access-list 102 ...
  (dang, wrong order again!)

  [horribly graphic details of seppuku deleted]

Aside from the obvious kludges which might incorporate 
cu/tip/expect/cut&paste, are there any clever solutions to this 
problem?  (the Cisco config, not the graphic rendering of ritual 
suicide)

--
Jim Carroll - jcarroll @ wellspring . us . dg . com
... the usual disclaimers ...
## The more I learn, the less I know.             ##
## Eventually I'll know everything about nothing. ##

