Anyway to add rulebase comments (at CLI not PDM) to 6.3 Pix?

Unanswered Question
Feb 4th, 2008
User Badges:

Re 6.3 PIX

Cannot see a "Description" type command for this but want to add clarity to the rulebase - also we do not use a PDM to manage - just CLI - thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
m.sir Mon, 02/04/2008 - 04:40
User Badges:
  • Gold, 750 points or more

I you are talking about ACL desription you need to use "remark"

fe.

access-list 101 remark --access to outside--

M.

Hope that helps rate if it does

peter-net Mon, 02/04/2008 - 07:08
User Badges:

I don't have access to a test firewall until later tonight. However I happen to have an acl 100 that is about 25 lines long. Can you use the "remark" command in the specific line as the actual acl - or would I have to have a remark line preceding each and every one of the 25 constituent lines that comprise acl 100?

For example:

access-list 100 remark --allow tacacs--access-list 100 permit host 10.1.1.1 172.16.1.1 eq tacacs

access-list 100 remark --allow DNS--

access-list 100 permit host 10.9.1.1 172.16.1.1 eq domain

access-list 100 remark --allow other stuff--

access-list 100 permit host 10.9.1.1 192.168.1.1 eq otherstuff


and so on ??

Thanks


m.sir Mon, 02/04/2008 - 07:20
User Badges:
  • Gold, 750 points or more

I guess you can insert remark to specific line

witch command

access-list 100 line xxx remark ----

You will see lines witch command

show access-list 100

peter-net Mon, 02/04/2008 - 07:43
User Badges:

OK will test tonight and post reply - thanks for prompt help

Actions

This Discussion