Configuring a rule for an ipv4 advanced acl – H3C Technologies H3C WX3000E Series Wireless Switches User Manual
Page 670
649
Table 210 Configuration items
Item
Description
ACL
Select the IPv4 basic ACL for which you want to configure rules.
Available ACLs are IPv4 basic ACLs.
Rule ID
Select the Rule ID option and enter a number for the rule.
If you do not specify the rule number, the system assigns one automatically.
IMPORTANT:
If the rule number you specify already exists, this procedure modifies the configuration
of the existing rule.
Action
Select the action to be performed for IPv4 packets matching the rule:
•
Permit—Allows matched packets to pass.
•
Deny—Drops matched packets.
Check Fragment
Select this option to apply the rule to only non-first fragments.
If you do not select this option, the rule applies to all fragments and non-fragments.
NOTE:
Do not select this option for an AC, because an AC does not support fragmentation.
Check Logging
Select this option to keep a log of matched IPv4 packets.
A log entry contains the ACL rule number, operation for the matched packets,
protocol that IP carries, source/destination address, source/destination port
number, and number of matched packets.
NOTE:
Do not select this option for an AC, because an AC does not support logging.
Source IP Address
Select the Source IP Address option, and enter a source IPv4 address and source
wildcard, in dotted decimal notation.
Source Wildcard
Time Range
Select the time range during which the rule takes effect.
Configuring a rule for an IPv4 advanced ACL
1.
Select QoS > ACL IPv4 from the navigation tree.
2.
Click the Advanced Setup tab.