Use EMA and CLI to add or modify Access Control List rules.

For feature description, refer to IP ACL Policing - Packet Filtering.

Adding/Editing a Rule Using CLI

Use following command to add/edit a rule:

% set addressContext <name> ipAccessControlList...

Mandatory parameters:

  • rule <name>
  • precedence <1-65535>

Non-mandatory parameters (default values are in bold font):

  • action <accept | discard>
  • bucketSize <1-255, or unlimited>
  • destinationAddressPrefixLength <length, 0>
  • destinationIpAddress <IPv4 / IPv6 Address, 0.0.0.0>
  • destinationPort <0-65535, or any>
  • fillRate <1-10000, unlimited>
  • ipInterface <name>
  • ipInterfaceGroup <name>
  • mgmtIpInterface <name>
  • mgmtIpInterfaceGroup <name>
  • protocol <0–255 | any | icmp | icmpv6 | ospf | tcp | udp>
  • sourceAddressPrefixLength <0-128>
  • sourceIpAddress <IPv4 / IPv6 address, 0.0.0.0>
  • sourcePort <0-65535, or any>
  • state <disbled | enabled>

For parameter descriptions, see  IP Access Control List - Cloud - CLI

Adding or Editing a Rule Using EMA

Refer to Security Configuration - Ip Access Control List