beautypg.com

3 editing an existing rule – Motorola Series Switch WS5100 User Manual

Page 247

background image

Switch Security

6-23

6.5.2.3 Editing an Existing Rule

As network and access permission requirements change, existing ACL rules need to be modified to be
relevant with new client access requests to the switch.

To modify an existing ACL rule:

1. Select

Security

>

ACLs

from the main menu tree.

2. Click on the

Configuration

tab.

3. Select an ACL from the ACLs field.

The rules associated with the selected ACL display in the Associated Rules section.

4. Click the

Edit

button within the Associated Rules field.

5. Use the

Precedence

field to modify the precedence (priority) value between 1 and 5000.

The rules within an ACL will be applied to packets based on their precedence value. Rules with lower
precedence are always applied first.

6. Use the

Operation

drop-down menu (if necessary) to modify the permit, deny or mark designation for the

ACL. If the action is to mark, the packet is tagged for priority.

7. Select the

Logging

checkbox to allow the log messages to be generated when a packet has been

forwarded, denied or marked based on the criteria specified in the access lists.

8. If

mark

is selected from within the

Operations

drop-down menu, the

Attribute to mark

field becomes

enabled. If necessary, select the

802.1p (0 - 7)

or

TOS(0 - 255)

checkbox and define the attribute

receiving priority with this ACL mark designation.

9. From within the

Filters

field, modify (if necessary) the

Source Wildcard/Mask

from the drop-down

menu.

The source is the source address of the network or host in dotted decimal format. The Source-mask is the
network mask.

10.Use the

Source Address

field to edit (if necessary) the IP address from where the packets are sourced.

11.Refer to the

Status

field for the current state of the requests made from applet. This field displays error

messages if something goes wrong in the transaction between the applet and the switch.

12.Click

OK

to use the changes to the running configuration and close the dialog.

13.Click

Cancel

to close the dialog without committing updates to the running configuration.

NOTE: If adding an access control entry to an ACL using the switch SNMP interface,

Precedence

is a required parameter.

NOTE: If an Extended IP ACL type is used, a Destination Wildcard/Mask and Destination
Address are also required.