H3C Technologies H3C Intelligent Management Center User Manual

815

•

IP Address/Mask: Allows you to enter a specific IP address and its subnet mask for which you want

to either permit or deny traffic.

a.

Enter an IP address/subnet mask combination in the IP Address/Mask field.

The subnet mask must be entered in dotted decimal notation. A valid IP address/subnet mask using

dotted decimal notation would be

192.168.1.0/255.255.255.0

A forward slash "/" must be used to separate the IP address from the subnet mask.

•

Variable Address: Allows you to create a named variable without requiring you to enter the IP
addresses/masks in the template. The named variable then serves as a placeholder for Net

Address Group you created using the Assistant combination when you import the template as a rule

set into an existing ACL.

b.

Enter a name for this variable in the field to the right.

9.

If you selected TCP or UDP as the protocol you want to apply this ACL rule to in Step 8, you must
also specify the source TCP or UDP port numbers:

a.

Select the source TCP or UDP port option by clicking the radio button to the left of the port

option you want to apply in the Source Port field of the Advanced Settings section:

•

Undefined: Allows you to permit or deny traffic for all TCP or UDP port numbers.

•

Specified Port: Allows you to identify a specific TCP or UDP port number or range of numbers. Click
the radio button to the left of Specified Port and select the operator you want to use from the list

located to the right of the Specified Port option. Enter the TCP or UDP port number in the Port field.

•

Variable Port: Allows you to create a named variable without requiring you to enter the ports in the

template. The named variable then serves as a placeholder for Service you creating using the
Assistant combination when you import the template as a rule set into an existing ACL.

b.

Enter a name for this variable in the field to the right.

10.

If you selected TCP or UDP as the protocol you want to apply this ACL rule to in Step 8, you must
also specify the destination TCP or UDP port numbers:

a.

Select the destination TCP or UDP port option by clicking the radio button to the left of the
port option you want to apply in the Destination Port field of the Advanced Settings section:

{

Undefined: Allows you to permit or deny traffic for all TCP or UDP port numbers.

{

Specified Port: Allows you to identify a specific TCP or UDP port number or range of numbers.

b.

Click the radio button to the left of Specified Port and select the operator you want to use

from the list located to the right of the Specified Port option.

c.

Enter the TCP or UDP port number in the Port field.

{

Variable Port: Allows you to create a named variable without requiring you to enter the ports in

the template. The named variable then serves as a placeholder for Service you creating using
the Assistant combination when you import the template as a rule set into an existing ACL.

d.

Enter a name for this variable in the field to the right.

11.

If you selected TCP or UDP as the protocol you want to apply this ACL rule to in Step 4, you could
be promoted to select these options:

{

Click the radio button to the left of Yes in the HP ACK option if you want to apply the rule to
match the TCP ACK, otherwise click on the radio button to the left of No.

{

Click the radio button to the left of Yes in the HP FIN option if you want to apply the rule to
match the TCP FIN, otherwise click on the radio button to the left of No.