Adding a link rule to a link acl template – H3C Technologies H3C Intelligent Management Center User Manual

Page 830

Advertising
background image

816

{

Click the radio button to the left of Yes in the HP RST option if you want to apply the rule to

match the TCP RST, otherwise click on the radio button to the left of No.

{

Click the radio button to the left of Yes in the HP SYN option if you want to apply the rule to
match the TCP SYN, otherwise click on the radio button to the left of No.

The HP ACK, HP FIN, HP RST, and HP SYN settings are valid only for the HP E series devices.

12.

Select the IP priority you want to apply to ACL template from the IP Priority list.

13.

Select the Type of Service for this ACL template from the ToS Value list.

14.

Select the DSCP value you want to apply to this ACL template from the DSCP Value list.

15.

Do one of the following:

{

Click the radio button to the left of Yes in the Fragment option if you want to apply the rule
to each fragment, or

{

Click the radio button to the left of No in the Fragment option if you want to apply the rule to

first fragments.

Traditional packet filtering matched only first fragments of IPv4 packets and allowed all
subsequent non-first fragments to pass through. This resulted in security risks as hackers can

fabricate non-first fragments to attack networks.

16.

Click the radio button to the left of Yes in the Logging option if you want to enable logging for
this rule.
This feature enables the logging of packet filtering only when a module (for example, a firewall)
using the ACL supports logging.

17.

Enter the VPN instance you want to apply to this rule by entering the VPN-instance-name in the
VPN Instance field.
A valid entry must be 0-31 characters that cannot contain question marks or blank spaces. Note
also that this field is case sensitive. If no VPN instance is specified in this field, the rule applies only

to non-VPN packets.

18.

Click OK to create the rule you have just configured.

19.

Click OK to add the rule to the ACL template.

Adding a link rule to a link ACL template

To add a link rule to a link ACL template:

1.

Navigate to ACL Template:

a.

Click the Service tab from the tabular navigation system on the top.

b.

Click ACL Management section of the navigation tree on the left.

c.

Click the ACL Template link located under ACL Management on the navigation tree on the left.
The Template List displays in the main pane of the page.

2.

Click the icon in the Modify field associated with the link template you want to modify.
The Modify Template page appears.

3.

Click Add Rule to add a rule to the ACL template.
The Add Link Rule page appears.

4.

Select the action you want to take by clicking the radio button to the left of the option you want
to apply to this rule:

{

Select permit if, upon matching the specified conditions, the packet should be forwarded.

{

Select deny if, upon matching the specified conditions, the packet should be discarded.

Advertising
Popular Brands
Popular manuals