show run 是不显示ACL编号的,但实际这个编号在show acl 时会显示,在命令上只要加上编号,就可以插入了;
举例如下:
ciscoasa(config)# access-list demo permit host 192.168.1.1
ciscoasa(config)# access-list demo permit host 192.168.1.2
ciscoasa(config)# access-list demo permit host 192.168.1.3
ciscoasa# show access-list demo
access-list demo; 3 elements; name hash: 0x61985251
access-list demo line 1 standard permit host 192.168.1.1 (hitcnt=0) 0xb94e4b8b
access-list demo line 2 standard permit host 192.168.1.2 (hitcnt=0) 0x9176794b
access-list demo line 3 standard permit host 192.168.1.3 (hitcnt=0) 0x4448b463
ciscoasa(config)# access-list demo line ?
configure mode commands/options:
<1-2147483647> Line-number
ciscoasa(config)# access-list demo line 2 deny host 192.168.1.4
ciscoasa(config)# show access-list demo
access-list demo; 4 elements; name hash: 0x61985251
access-list demo line 1 standard permit host 192.168.1.1 (hitcnt=0) 0xb94e4b8b
access-list demo line 2 standard deny host 192.168.1.4 (hitcnt=0) 0x2cdeb408
access-list demo line 3 standard permit host 192.168.1.2 (hitcnt=0) 0x9176794b
access-list demo line 4 standard permit host 192.168.1.3 (hitcnt=0) 0x4448b463
ciscoasa(config)# show run access-list
access-list demo standard permit host 192.168.1.1
access-list demo standard deny host 192.168.1.4
access-list demo standard permit host 192.168.1.2
access-list demo standard permit host 192.168.1.3