You can modify the zones and class-action statements in a zone policy configuration without removing them from the policy:
-
To modify the ports associated with a zone, enter the
class zone
command. Remember that the classname you entered is case sensitive. From the class-configuration context, make the necessary changes by removing or adding ports. (To display a class configuration, enter theclassname
show class zone
command.)classname
When you exit class configuration context, the changes are automatically saved and applied to existing policy configurations on the switch that use the class if the policies have not been applied to a ONE application. If a policy has already been applied, the editing changes are not accepted, and an error message is displayed.
-
To modify the class-action statements in a policy, enter the
policy
command. (To display a policy configuration, enter thepolicy-name
show policy
command as shown.) From the policy-configuration context, complete one of the following:policy-name
-
Enter a new class-action statement. If you do not include a sequence number, the new class-action statement is inserted at the end of the policy configuration.
-
Remove a class-action statement by entering the
no
command.sequence-number
-
Replace an existing class-action statement by:
-
Entering the
no
sequence-number command to delete the entry. -
Entering a new
class zone
command.source zone name
destination zone name
action intercept unidirectional
-
-
When you exit the policy-configuration context, the changes are automatically applied to the policy configuration if the policy has not been applied to an interface. If the policy has already been applied to an interface, the editing changes are not accepted and an error message is displayed.