CLI Reference Guide

Using Access Control Lists for Security 311
10 To close the Create IP ACE dialog box and save the changes, click Finish.
Creating a TCP or UDP ACE
To create a TCP or UDP ACE:
1 In the ACL Setup page of the Create ACL wizard, click New. A list of
ACEs appears.
2 Select the ACE you want to create.
  To create a TCP ACE, click New TCP ACE. The Create TCP ACE dialog box appears.
  To create a UDP ACE, click New UDP ACE. The Create UDP ACE dialog box appears.
3 In the Action list, select Permit to allow access if the conditions in the
ACE are matched, or Deny to refuse access if the conditions are
matched.
4 If you select Permit, in the CoS box, specify a class-of-service level for
packets. For information, see step 4 in “Creating an IP ACE” on
page 309.
5 To enable counting of packets filtered by an ACL, select Enable Hit
Count.
6 To apply the ACL only to established TCP sessions, select
Established Connection.
If you select this option, the ACL is applied only to established TCP
sessions and is not applied to new TCP sessions.
7 Define the IP attributes (source and destination IP addresses, the TOS, and
the precedence). The steps are the same as the steps when configuring
an IP ACE. See step 6 on page 309 through step 9 on page 310.
8 In the Operator list of the Create TCP ACE or Create UDP ACE dialog box,
select one of the following:
  None — No source port is used to filter packets. Go to step 13.
  Less Than — Packets are filtered for all ports whose port numbers are lower than the source port.
  Greater Than — Packets are filtered for all ports whose port numbers are higher than the source port.
  Equal — Packets are filtered for the source port name or number.
  Not Equal — Packets are filtered for all ports except the source port name or number.
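The following is an added example, not taken from this guide or the product: a small Python model of how the settings in steps 3 through 8 combine when a packet is checked against TCP and UDP ACEs. The names Ace, evaluate and demo are hypothetical, and three behaviours are assumptions: ACEs are checked in order with the first match deciding, a packet that matches no ACE is denied, and an established TCP session is recognised by the ACK or RST flag.

```python
import operator
from dataclasses import dataclass

# Step 8 operators; "None" means the source port is not used to filter.
OPERATORS = {"None": lambda pkt_port, ace_port: True, "Less Than": operator.lt,
             "Greater Than": operator.gt, "Equal": operator.eq,
             "Not Equal": operator.ne}

@dataclass
class Ace:
    action: str                      # step 3: "Permit" or "Deny"
    protocol: str                    # step 2: "tcp" or "udp"
    src_operator: str = "None"       # step 8
    src_port: int = 0
    established: bool = False        # step 6 (TCP only)
    hit_count: bool = False          # step 5
    hits: int = 0

    def matches(self, pkt):
        if pkt["proto"] != self.protocol:
            return False
        # Assumption: an "established" session is recognised by ACK or RST set.
        if self.established and not pkt.get("flags", set()) & {"ACK", "RST"}:
            return False
        return OPERATORS[self.src_operator](pkt["sport"], self.src_port)

def evaluate(acl, pkt):
    """First matching ACE decides; no match is an (assumed) implicit Deny."""
    for ace in acl:
        if ace.matches(pkt):
            ace.hits += ace.hit_count   # counts only when hit counting is enabled
            return ace.action
    return "Deny"

def demo():
    acl = [Ace("Permit", "tcp", "Equal", 443, established=True, hit_count=True),
           Ace("Deny", "tcp", "Less Than", 1024),
           Ace("Permit", "tcp", "Greater Than", 1023),
           Ace("Permit", "udp", "Not Equal", 53)]
    packets = [  # constructed sample packets
        {"proto": "tcp", "sport": 443, "flags": {"SYN", "ACK"}},
        {"proto": "tcp", "sport": 443, "flags": {"SYN"}},
        {"proto": "tcp", "sport": 1024, "flags": {"SYN"}},
        {"proto": "udp", "sport": 53},
        {"proto": "udp", "sport": 5353}]
    return [evaluate(acl, p) for p in packets], acl[0].hits

if __name__ == "__main__":
    print(demo())
```

The second packet shows why the Established Connection option matters: the same source port 443 is skipped by the first ACE when the segment opens a new session, and falls through to the Less Than 1024 deny.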