H3C Technologies H3C Intelligent Management Center User Manual
Page 888
874
The Rule Set List for the selected ACL displays in the main pane of the ACL Resource > Resource Name (ACL Identifier)> page. 3. Click the icon in the Modify field associated with the rule you want to add a rule to. 4. Click Next to advance to the next step in the Modify Rule Set page. 5. Click Next to advance to the next step in the Modify Rule Set page. 6. Click Add on the Configure Rule page to configure a new rule. 7. To modify a rule, click the Modify icon associated with the rule you want to modify. 8. Select the protocol for which you want to permit or deny traffic from the Protocol list. 9. Select the action you want to take by clicking the radio button to the left of the option you want to apply to this rule: { Select permit if, upon matching the specified conditions, the packet should be forwarded. { Select deny if, upon matching the specified conditions, the packet should be discarded. 10. Select the time range you want to apply to this rule from the Time Range list. 11. Select the source IP address option you want to use by clicking the radio button to the left of the { All: Allows you to permit or deny traffic for all IP addresses. { IP Address/Mask: Allows you to enter a specific IP address and its subnet mask for which you a. Enter an IP address/subnet mask combination in the IP Address/Mask field. The subnet mask must be entered in dotted decimal notation. A valid IP address/subnet mask using 192.168.1.0/255.255.255.0 A forward slash "/" must be used to separate the IP address from the subnet mask. 12. Select the destination IP address option you want to use by clicking the radio button to the left of the desired option in the Destination Address field. pattern matching is applied to the destination IP address. { All: Allows you to permit or deny traffic for all IP addresses. { IP Address/Mask: Allows you to enter a specific IP address and its subnet mask for which you want to either permit or deny traffic. a. Enter an IP address/subnet mask combination in the IP Address/Mask field. The subnet mask must be entered in dotted decimal notation. A valid network/subnet mask using 192.168.1.0/255.255.255.0 A forward slash "/" must be used to separate the IP address from the subnet mask.
The Basic Info step of the Modify Rule Set page appears.
The Configure Time Range step of the Modify Rule Set page appears.
The Configure Rule page appears.
The Add Rule page appears.
The Modify Rule page appears.
desired option in the Source Address section.
This option specifies where the pattern matching occurs in this template rule. In this case, the
pattern matching is applied to the source IP address.
want to either permit or deny traffic for.
dotted decimal notation would be
This option specifies where the pattern matching occurs in this template rule. In this case, the
dotted decimal notation would be