is this a bug

I'm using an old IOS version 12.0(5)XK1. When I type in below

no access-list 101 permit tcp any host x.x.x.x eq 25

instead of delete that line only it deletes my whole access-list 101

No, it is not a bug. You cannot remove individual lines from a numbered access list. The whole list gets removed then you need to re-add it.

Bug? Nah, it's a "feature" :-)

You can do this on a PIX, not on a standard access-list though.

You can however use an extended ACL (ip access-list extended blah) and use sequence numbers.

-Wil

C> I'm using an old IOS version 12.0(5)XK1. When I type in below >

I'm using an old IOS version 12.0(5)XK1. When I type in below

no access-list 101 permit tcp any host x.x.x.x eq 25

instead of delete that line only it deletes my whole access-list 101

You cannot delete an entry, you have to delete the whole list and rebuild it.

Doan

Using that old of version of IOS yes.

Newer versions let you use extended access-lists, and do let you remove items line by line if you wish.

"extended" for an ACL in PIX would imply PIX 7.x. Sequence numbers came in in PIX 6.2.

In Cisco terms, a "standard" access-list would be one that had no protocol, and had a source (and possibly a source mask) but no destination. Such entries are used on the PIX only for OSPF. The PIX 6.3 documentation syntax implies that you cannot use line numbers for such lists, but I do not have access to a system to try it on.