Figure 3, N in, Table 4 – H3C Technologies H3C SecPath F1000-E User Manual

Page 16

Figure 3 List of basic ACL rules

Figure 4 Basic ACL rule configuration page

Table 4 Configuration items

Item Description

Rule ID

Select the Rule ID box and enter a number for the rule.
If you do not specify a rule number, the system automatically assigns one to the rule.

IMPORTANT:

If the rule already exists, the configuration overwrites the old rule.

Operation

Select the operation to be performed for packets matching the rule.

•

Permit—Allows matching packets to pass.

•

Deny—Denies matching packets.

Time Range

Select a time range for the rule.
If you select None, the rule will always be effective.
Available time ranges are configured by selecting Resource > Time Range from the
navigation tree.

Non-first Fragments
Only

Select this box to apply the rule to only non-first fragments. If you do no select this box,
the rule applies to all fragments and non-fragments.

Logging

Select this box to log matching packets.
A log entry contains the ACL rule number, action on the matching packets, protocol that

IP carries, source/destination address, source/destination port number, and number of
matching packets.

This manual is related to the following products:

H3C SecPath F5000-A5 Firewall H3C SecPath F1000-A-EI H3C SecPath F1000-E-SI H3C SecPath F1000-S-AI H3C SecPath F5000-S Firewall H3C SecPath F5000-C Firewall H3C SecPath F100-C-SI H3C SecPath F1000-C-SI H3C SecPath F100-A-SI H3C SecBlade FW Cards H3C SecBlade FW Enhanced Cards H3C SecPath U200-A U200-M U200-S H3C SecPath U200-CA U200-CM U200-CS