Interface ACL

You can apply an ACL to an interface to filter the packets received by the interface.

Context

You can configure ACL rules and apply the ACL to an interface to filter the packets received by the interface. The ACL rule configuration includes source and destination IP addresses, protocol type, source and destination port numbers.

Procedure

Query the ACL rules applied to interfaces.
1. Click Configuration to display the Configuration page.
2. Choose ACL in the navigation tree to display the ACL page.
3. Click the Interface ACL tab to display the Interface ACL page.
4. Click the icon of the interface to which the ACL rules are applied. The ACL rule record is displayed in the ACL Rules area.
Copy the ACL rules that have been applied to an interface to another interface.
1. Click Configuration to display the Configuration page.
2. Choose ACL in the navigation tree to display the ACL page.
3. Click the Interface ACL tab to display the Interface ACL page.
4. Click the icon of the interface to which the ACL rules have been applied. Click Copy To to display the Copy To page.
5. Select the target interface to which the ACL rules are copied. You can perform the following operations as required:
  - Click the icon of a single interface.
  - Drag the mouse to select multiple neighboring interfaces.
  - Click an LPU name and select all interfaces on the LPU.
6. Click Confirm.
7. Click Apply.

Create ACL rules.

Click Configuration to display the Configuration page.
Choose ACL in the navigation tree to display the ACL page.
Click the Interface ACL tab to display the Interface ACL page.

Click the icon of the interface to which the ACL rules need to be applied and create ACL rules.

If "no record" is displayed in the ACL Rules area, click or Add on the left of Ascend. A record of ACL Rules is displayed in the ACL Rules area. Set the ACL rule parameters.

If the existing ACL rule records are displayed in the ACL Rules area, click or Add on the left of Ascend or on the right of Delete. A new record of ACL Rules is displayed in the ACL Rules area. Set the ACL rule parameters.

NOTE:

If you click or Add on the left of Ascend, a new record of ACL Rules is inserted to the first line in the ACL Rules area. If you click Add on the right of Delete, a new record of ACL Rules is inserted to the last line in the ACL Rules area.

Table 1 describes the parameters for creating ACL rules.

**Table 1** Parameters for creating ACL rules
Parameter	Description
Source IP	Indicates the source IP address. The default value is any, indicating that any source IP address can be specified.
Mask of Source IP	Indicates the mask of the source IP address. The default value is 0 (0.0.0.0).
Destination IP	Indicates the destination IP address. The default value is any, indicating that any destination IP address can be specified.
Mask of Destination IP	Indicates the mask of the destination IP address. The default value is 0 (0.0.0.0).
Protocol Type	Indicates the protocol type, including: ip tcp udp icmp The default protocol type is IP.
Source Port Number	Indicates the source port number. This parameter is valid only when the protocol type is TCP or UDP. If this parameter is not specified, TCP or UDP packets with any source port are matched.
Destination Port Number	Indicates the destination port number. This parameter is valid only when the protocol type is TCP or UDP. If this parameter is not specified, TCP or UDP packets with any destination port are matched.
Action	Indicating the action matching a packet, including: permit deny The default action is permit.

Click Apply.

Edit ACL rules.
1. Click Configuration to display the Configuration page.
2. Choose ACL in the navigation tree to display the ACL page.
3. Click the Interface ACL tab to display the Interface ACL page.
4. Click the icon of the interface to which the ACL rules have been applied and edit ACL rules.
  - Edit ACL rule entries.
    
    Modify the ACL rule parameters in the ACL Rules area.
  - Adjust the ACL rule entry sequence.
    
    Select a record of ACL Rules in the ACL Rules area. Click Ascend or Descend to adjust the ACL rule entry sequence.
5. Click Apply.
Delete ACL rules.
1. Click Configuration to display the Configuration page.
2. Choose ACL in the navigation tree to display the ACL page.
3. Click the Interface ACL tab to display the Interface ACL page.
4. Click the icon of the interface to which the ACL rules have been applied. In the ACL Rules area, click Delete next to the record to be deleted or select records and click Delete next to Descend to delete the ACL rules in batches.
5. Click Apply.