Manualshelf

HP VPN Firewall Appliances Access Control Configuration Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
11121314151617181920
8
Figure 6 IPv4 Advanced ACL rule configuration page
4. Configure an IPv4 advanced ACL rule as described in Table 4.
5. Click Apply.
Table 4 Configuration items
Item Descri
p
tion
Rule ID
Select the Rule ID box, and enter a number for the rule.
If you do not specify the rule number, the system assigns one automatically.
If the rule already exists, the configuration overwrites the old rule.
Operation
Select the action to be performed on packets matching the rule:
Permit—Allows matching packets to pass.
Deny—Denies matching packets.
Time Range
Select a time range for the rule.
If you select None, the rule is always effective.
Available time ranges are configured by selecting Resource > Time Range from
the navigation tree.
Non-first Fragments Only
Select this box to apply the rule to only non-first fragments. If you do not select
this box, the rule applies to all packets (including non-fragment packets and
each fragment).
Selecting this box improves the ACL rule matching efficiency.
Logging
Select this box to log matching IPv4 packets.
A log entry contains the ACL rule number, action on the matching packets,
protocol over the IP, source/destination address, source/destination port
number, and number of matching packets.