Modifying acl rule sets, Modifying a basic rule set – H3C Technologies H3C Intelligent Management Center User Manual
Page 860
846
{
A rule string length must be equal to its mask length
{
Rule string and mask length must be in multiples of 2
{
The minimum length of a rule string and mask is 2
{
The maximum length of a rule string and mask is 160
{
Offsets must be expressed as a decimal integer
{
Offset range varies by the mask length
{
The minimum value for an offset is 0
{
The maximum value for an offset is 79
{
The offset must increase progressively
a.
Enter a hexadecimal pattern to be matched in the Rule String field.
b.
Enter a mask in the Mask field.
c.
Enter the offset in the Excursion field.
d.
Enter up to eight Rule String/Mask/Excursion combinations.
18.
Click OK to create the rule you have just configured.
19.
To add more rules, modify, copy, sort, optimize or delete existing rules, select one of the following:
{
To add more rules to the ACL, repeat Steps 11-18.
{
To modify rules you have already created, click the Modify icon associated with the rule
sequence you want to modify. For more information about modifying a rule set, see "
modifying a user-defined rule in a user-defined rule set
{
To copy rules you have already created, click the Copy icon
associated with the rule
sequence you want to copy. For more information about copying a rule set, see "
{
Rules that belong to a rule set that is configured with a Match Order of 'Config' are executed in
the order in which they appear in the rule set. The order in which rules appear in a rule set is
initially defined by the order in which they are created. You can reorder the rules in a rule set
using the Sort feature. For more information about using Sort to redefine the order of
appearance of rules in a rule set, see "
Using sort to reorder the rules in an ACL rules set
{
ACLs can have a profound effect on the performance of networks. ACL Management
automatically evaluates the effectiveness of rules and their effect on overall network
performance as you add rules to a rule set. You can also manually perform an analysis of a rule
set and optimize its effect on network performance about using the Optimize feature. For more
information using this feature, see "
Optimizing the rules in a rule set
{
To delete one or more rules from a rule set, see "
Deleting rules from an ACL rule set
20.
Click Finish when you have finished creating rules for this rule set.
Once you have created an ACL you are ready to deploy the ACL to devices using the ACL
Management's ACL Deployment wizard. For more information about deploying ACLs, see
"
Deploying ACLs using IMC ACL deployment wizard
Modifying ACL rule sets
Many of the parameters used to create a rule set can be changed using the modify option for all of the
ACL rule types.
Modifying a basic rule set
To modify the basic rule set of an existing ACL resource: