General editing rules
The CLI provides the capability for editing in
the switch by using sequence numbers to insert or delete individual
ACEs. An offline method is also available. This section describes
using the CLI for editing ACLs. You can use the CLI to delete individual
ACEs from anywhere in an ACL, append new ACEs to the end of an ACL,
and insert new ACEs anywhere within an ACL.
When you enter a new ACE in an ACL without specifying a sequence number, the switch inserts the ACE as the last entry in the ACL.
When you enter a new ACE in an ACL and include a sequence number, the switch inserts the ACE according to the position of the sequence number in the current list of ACEs.
You can delete an ACE by using the
ipv6 access-list identifier
command to enter the ACL's context, and thenno seq-#
Deleting the last ACE from an ACL leaves the ACL in the configuration as an "empty"ACL placeholder that cannot perform any filtering tasks. (In any ACL, the implicit deny does not apply unless the ACL includes at least one explicit ACE.