Adding an access acl – H3C Technologies H3C Intelligent Management Center User Manual

140

{

Counting—Whether to count packets that match the ACL rule.

{

Priority(high to low)—Priority level of the ACL rule. The ACL Rule List sorts in descending order
of priority level. Packets are matched against ACL rules in the order that they appear on the ACL
Rule List.

Adding an access ACL

1.

Access the access ACL list page.

2.

Click Add.
The Add Access ACL page appears.

3.

Configure the Basic Information area parameters:

{

ACL Name—Enter a unique name of the access ACL.

{

Default Action—Select an action to take on packets that do not match any ACL rule on the ACL
Rule List area: Permit or Deny. The Permit action means to forward the packets. The Deny action

means to drop the packets.

{

Count packets that do not match the ACL—Select this option if you want UAM to count the
packets that do not match any ACL rule on the ACL Rule List area.

{

Description—Enter a description of the access ACL to help facilitate maintenance.

{

Service Group—Select a service group from the list to assign the access ACL to that group for
privilege-based management. Select Ungrouped if you do not want to assign the access ACL to

any service group.

4.

Configure ACL rules for the access ACL.

a.

On the ACL Rule List area, click Add.
The Add ACL Rule window appears.

b.

Configure the following parameters:

−

Action—Select an action, Permit or Deny. The Permit action means to forward the matching
packets. The Deny action means to drop the matching packets.

−

Protocol—Select the name or number of the transport layer protocol. Select All IP Protocols
if you want all transport layer protocol packets to match the ACL rule.

−

Dest IP—Enter the destination IP address in dotted decimal notation.

−

Mask Length—Select the length of the subnet mask for the destination IP address. The
Dotted Decimal Mask field is automatically populated with the dotted decimal notation of

the subnet mask according to the selected mask length.

−

Dest Port—Enter the destination port number. This parameter appears only when the
transport layer protocol is TCP or UDP.

−

Counting—Select this option if you want UAM to count packets that match the ACL rule.

c.

Click OK.
The Add Access ACL page refreshes to display the new ACL rule on the ACL Rule List.

d.

To add more ACL rules, repeat the previous steps.

e.

To change the priority level of an ACL rule, click the Move Up icon or Move Down icon
for that rule in the Priority(high to low) column. The ACL Rule List sorts in descending order of

priority level. Packets are matched against ACL rules in the order that they appear on the ACL

Rule List.

f.

To modify an ACL rule, click the Modify icon for that rule.