Adding a user-defined rule set – H3C Technologies H3C Intelligent Management Center User Manual
Page 858
844
{
To modify rules you have already created, click the Modify icon associated with the rule
sequence you want to modify. For more information modifying a rule set, see "
modifying a link rule in a link rule set
{
To copy rules you have already created, click the Copy icon
associated with the rule
sequence you want to copy. For more information about copying a rule set, see "
{
Rules that belong to a rule set that is configured with a Match Order of 'Config' are executed in
the order in which they appear in the rule set. The order in which rules appear in a rule set is
initially defined by the order in which they are created. You can reorder the rules in a rule set
using the Sort feature. For more information about using Sort to redefine the order of
appearance of rules in a rule set, see "
Using sort to reorder the rules in an ACL rules set
{
ACLs can have a profound effect on the performance of networks. ACL Management
automatically evaluates the effectiveness of rules and their effect on overall network
performance as you add rules to a rule set. You can also manually perform an analysis of a rule
set and optimize its effect on network performance using the Optimize feature. For more
information about using this feature, see "
Optimizing the rules in a rule set
{
To delete one or more rules from a rule set, see "
Deleting rules from an ACL rule set
27.
Click Finish when you have finished creating rules for this rule set.
Once you have created an ACL you are ready to deploy the ACL to devices using the ACL
Management's ACL Deployment wizard. For more information about deploying ACLs, see
"
Deploying ACLs using IMC ACL deployment wizard
Adding a user-defined rule set
User-Defined ACLs enable you to define a hexadecimal pattern and mask and the offset in the packet
header that identifies where to begin the pattern matching. When a pattern is matched, the conditions
of the rule in the ACL are applied. A valid numeric range for assigning ACL Identifiers to user-defined
ACLs is 5000-5999.
To add a user-defined rule set to an existing ACL resource:
1.
Navigate to ACL Resource:
a.
Click the Service tab from the tabular navigation system on the top.
b.
Click ACL Management section of the navigation tree on the left.
c.
Click the ACL Resource link located under ACL Management on the navigation tree on the left.
The ACL Resource list displays in the main pane of the ACL Resource page.
2.
Click the ACL Identifier for the user-defined ACL for which you want to create a new rule set. Refer
to the ACL Type field in the ACL Resource list for identifying ACLs for which the type is
'User-Defined'.
The Rule Set List displays in the main pane of the ACL Resource > <ACL Resource Name (ACL
Identifier)> page.
3.
Click Add.
The Basic Info step of the Add Rule Set page appears.
Several fields are already configured and cannot be changed. These include the ACL Identifier, the
ACL Type, and the ACL Resource Name. These cannot be changed because they are inherited by
the ACL to which this rule set belongs.
You can create rule sets of the same type as the type of ACL to which the rule set belongs.
4.
Enter a name for the rule set in the Rule Set Name field.