R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
61
Configuring an ACL
Configuring a time range
You can implement ACL rules based on the time of day by applying a time range to them. A time-based
ACL rule takes effect only in any time periods specified by the time range.
The following basic types of time range are available:
• Periodic time range—Recurs periodically on a day or days of the week.
• Absolute time range—Represents only a period of time and does not recur.
You can create multiple statements in a time range. The active period of a time range is calculated as
follows:
1. Combining all periodic statements
2. Combining all absolute statements
3. Taking the intersection of the two statement sets as the active period of the time range
You can create a maximum of 256 time ranges, each with a maximum of 32 periodic statements and 12
absolute statements.
Follow these steps to configure a time range:
To do… Use the command…
Remarks
Enter system view
system-view ––
Configure a time range
time-range time-range-name
{ start-time to end-time days [ from
time1 date1 ] [ to time2 date2 ] |
from time1 date1 [ to time2 date2 ]
| to time2 date2 }
Required
By default, no time range exists.
Repeat this command with the same time
range name to create multiple statements
for a time range.
Configuring an IPv4 basic ACL
IPv4 basic ACLs match packets based only on source IP addresses.
Follow these steps to configure an IPv4 basic ACL:
To do… Use the command… Remarks
Enter system view
system-view ––
Create an IPv4 basic ACL
and enter its view
acl number acl-number [ name
acl-name ] [ match-order { auto
| config } ]
Required
By default, no ACL exists.
IPv4 basic ACLs are numbered in the range
2000 to 2999.
You can use the acl name acl-name command
to enter the view of a named IPv4 ACL.
Configure a description for
the IPv4 basic ACL
description text
Optional
By default, an IPv4 basic ACL has no ACL
description.