UCL Config
Procedure
- Query ACLs.
- Click in the function area. Choose to open the UCL Config page.
- Set the search criteria.
- Click
to display
all matching records.
- Create an ACL.
- Click Create to open the Create ACL page, as shown in Figure 1.
Table 1 describes the parameters on the page.
Table 1 Create ACL Parameter
Description
ACL name
Indicates the name of an ACL. The ACL name must be unique.NOTE:- The value is a string starting with a letter, without spaces.
- Either an ACL number or an ACL name is required to identify an ACL.
- When you modify an ACL, the ACL name cannot be changed.
ACL number
Indicates the number of an ACL. It identifies an ACL. The value is an integer that ranges from 6000 to 9999.NOTE:- When you modify an ACL, the ACL number cannot be changed.
- Either an ACL number or an ACL name is required to identify an ACL.
ACL description
Indicates the description of an ACL. It is optional.
- Click Create to open the Create ACL page, as shown in Figure 1.
- Modify an ACL.
- Select an ACL and click Modify.
- Delete an ACL.
- Click in the function area. Choose to open the UCL Config page.
- Select an ACL and click Delete. If the ACL contains rules, the system prompts you that the rules in the ACL will be deleted and asks you whether to delete the ACL.
- Click OK. If the operation succeeds, the system returns to the UCL Config page; otherwise, an error message is displayed.
- Add a rule.
- Click Add Rule of an ACL.
If the ACL is a UCL, the rule page is displayed as shown in Figure 2.
Table 2 describes the parameters for adding rules.
Table 2 Add Rule Parameter
Description
Action
Indicates whether to permit or deny packets. The default action is permit.
Protocol type
Indicates the type of the protocol. It is mandatory. The ACL types include:- GRE(47)
- ICMP(1)
- IGMP(2)
- IP
- IPINIP(4)
- OSPF(89)
- TCP(6)
- UDP(17)
- Customized typeNOTE:
The text box is valid only when the UCL type is customized.
Source
Source IP/Wildcard
Indicates the IP address and wildcard. The source IP address and wildcard are in dotted decimal format.
NOTE:If the source IP address and wildcard are not specified, any source IP address is matched.
Source user group
Indicates the source user group of packets. Select the following operations:- To specify the source UCL group, click
. - To create a source UCL group, click
. - To modify the source UCL group, click
. - To delete the source UCL group, click
.
Destination
Destination IP/Wildcard
Indicates the destination IP address and wildcard in packets.
The destination IP address and wildcard are in dotted decimal format.
NOTE:If the destination IP address and wildcard are not specified, any destination IP address is matched.
Dest user group
Indicates the destination user group of packets. Select the following operations:- To specify the destination UCL group, click .
- To create a destination UCL group, click .
- To modify the destination UCL group, click .
- To delete the destination UCL group, click .
Matching Interface
Source port number
This parameter is valid only when the protocol type is TCP or UDP. If this parameter is not specified, TCP or UDP packets with any source port are matched.
Destination port number
This parameter is valid only when the protocol type is TCP or UDP. If this parameter is not specified, TCP or UDP packets with any destination port are matched.
Set Time
Time range
Indicates the time range when the ACL takes effect.NOTE:The time range name is displayed on the configuration result page.
- Click Add Rule of an ACL.
- Modify a rule.
- Click in the function area. Choose to open the UCL Config page.
- Select an ACL and click
to expand the ACL rules. - Click of a
rule to modify the rule. Table 2 describes the parameters
on the page.
Click
and 
to change the
order of the rule, and click Apply to make
the new order take effect. - Delete a rule.
- Click in the function area. Choose to open the UCL Config page.
- Select an ACL and click to expand the ACL rules.
- Click of a
rule to delete the rule. In the dialog box that is displayed, click OK.
