3 editing an existing rule – Motorola Series Switch WS5100 User Manual
Page 247
Switch Security
6-23
6.5.2.3 Editing an Existing Rule
As network and access permission requirements change, existing ACL rules need to be modified to be
relevant with new client access requests to the switch.
To modify an existing ACL rule:
1. Select
Security
>
ACLs
from the main menu tree.
2. Click on the
Configuration
tab.
3. Select an ACL from the ACLs field.
The rules associated with the selected ACL display in the Associated Rules section.
4. Click the
Edit
button within the Associated Rules field.
5. Use the
Precedence
field to modify the precedence (priority) value between 1 and 5000.
The rules within an ACL will be applied to packets based on their precedence value. Rules with lower
precedence are always applied first.
6. Use the
Operation
drop-down menu (if necessary) to modify the permit, deny or mark designation for the
ACL. If the action is to mark, the packet is tagged for priority.
7. Select the
Logging
checkbox to allow the log messages to be generated when a packet has been
forwarded, denied or marked based on the criteria specified in the access lists.
8. If
mark
is selected from within the
Operations
drop-down menu, the
Attribute to mark
field becomes
enabled. If necessary, select the
802.1p (0 - 7)
or
TOS(0 - 255)
checkbox and define the attribute
receiving priority with this ACL mark designation.
9. From within the
Filters
field, modify (if necessary) the
Source Wildcard/Mask
from the drop-down
menu.
The source is the source address of the network or host in dotted decimal format. The Source-mask is the
network mask.
10.Use the
Source Address
field to edit (if necessary) the IP address from where the packets are sourced.
11.Refer to the
Status
field for the current state of the requests made from applet. This field displays error
messages if something goes wrong in the transaction between the applet and the switch.
12.Click
OK
to use the changes to the running configuration and close the dialog.
13.Click
Cancel
to close the dialog without committing updates to the running configuration.
NOTE: If adding an access control entry to an ACL using the switch SNMP interface,
Precedence
is a required parameter.
NOTE: If an Extended IP ACL type is used, a Destination Wildcard/Mask and Destination
Address are also required.