is this a bug

[Cong]

I'm using an old IOS version 12.0(5)XK1. When I type in below

no access-list 101 permit tcp any host x.x.x.x eq 25

instead of delete that line only it deletes my whole access-list 101

[Brian V]

"Cong" <con...@yahoo.com> wrote in message
news:1165611418.3...@l12g2000cwl.googlegroups.com...

>
> I'm using an old IOS version 12.0(5)XK1. When I type in below
>
> no access-list 101 permit tcp any host x.x.x.x eq 25
>
> instead of delete that line only it deletes my whole access-list 101
>

No, it is not a bug. You cannot remove individual lines from a numbered
access list. The whole list gets removed then you need to re-add it.

[Wil Schultz]

Bug? Nah, it's a "feature" :-)

You can do this on a PIX, not on a standard access-list though.

You can however use an extended ACL (ip access-list extended blah) and
use sequence numbers.

-Wil

[Cong]

[Doan]

You cannot delete an entry, you have to delete the whole list and rebuild
it.

Doan

[Doug McIntyre]

Using that old of version of IOS yes.

Newer versions let you use extended access-lists, and do let you
remove items line by line if you wish.

[Walter Roberson]

In article <4579efce$0$34489$742e...@news.sonic.net>,

Wil Schultz <w...@SPAMTHIS.org> wrote:
>Bug? Nah, it's a "feature" :-)

>You can do this on a PIX, not on a standard access-list though.

>You can however use an extended ACL (ip access-list extended blah) and
>use sequence numbers.

"extended" for an ACL in PIX would imply PIX 7.x. Sequence numbers
came in in PIX 6.2.

In Cisco terms, a "standard" access-list would be one that had
no protocol, and had a source (and possibly a source mask) but no
destination. Such entries are used on the PIX only for OSPF.
The PIX 6.3 documentation syntax implies that you cannot use line
numbers for such lists, but I do not have access to a system to
try it on.