Symptom
When modifying existing ACEs, invalid UDF syntax, such as duplicate use of a UDF field or use of mask 0xFF in an ACE, occasionally passes commit when the commit also includes multiple correct ACEs.
Invalid mask 0x00
1702 deny tcp 103.0.0.0/8 101.0.0.0/8 out_l3_41b_1b 0x28 0x00
Duplicate use of UDF field
2001 deny ipv6 2001:db8:103::/48 2001:db8:101::/48 udf out_l3_41b_1b 0x40 0xff out_l4_36b_1b 0x33 0xff
Conditions
Occurs when modifying multiple existing ACEs that include the invalid mask 0x00 or duplicate use of a UDF field.
Workaround
Re-apply the ACL after modifying the ACEs, or commit the changes one at a time.
Further Problem Description