Table 45-10 – H3C Technologies H3C WX6000 Series Access Controllers User Manual

45-10

Table 45-10 Configuration items for an advanced IPv4 ACL rule

Item

Description

ACL

Select the advanced IPv4 ACL for which you want to configure
rules.

Available ACLs are advanced IPv4 ACLs that have been
configured.

Rule ID

Select the Rule ID check box and type a number for the rule.

If you do not specify the rule number, the system will assign
one automatically.

Action

Select the action to be performed for IPv4 packets matching
the rule.

Permit: Allows matched packets to pass.

Deny: Drops matched packets.

Non-First Fragments Only

Select this check box to apply the rule to only non-first
fragments.

If you do no select this check box, the rule applies to all
fragments and non-fragments.

Logging

Select this check box to keep a log of matched IPv4 packets.

A log entry contains the ACL rule number, operation for the
matched packets, protocol that IP carries, source/destination
address, source/destination port number, and number of
matched packets.

Source IP Address

Source Wildcard

Select the Source IP Address check box and type a source
IPv4 address and source wildcard, in dotted decimal notation.

Destination IP Address

IP Address
Filter

Destination Wildcard

Select the Source IP Address check box and type a source IP
address and source wildcard, in dotted decimal notation.

Protocol

Select the protocol to be carried by IP.

If you select 1 ICMP, you can configure the ICMP message
type and code; if you select 6 TCP or 17 UDP, you can
configure the TCP or UDP specific items.

ICMP Message

ICMP Type

ICMP Type

ICMP Code

Specify the ICMP message type and code.

These items are available only when you select 1 ICMP from
the Protocol drop-down box.

If you select Other from the ICMP Message drop-down box,
you need to type values in the ICMP Type and ICMP Code
fields. Otherwise, the two fields will take the default values,
which cannot be changed.