Updated on 2024-05-06 GMT+08:00

Modifying a Network ACL Rule

Scenarios

Modify an inbound or outbound network ACL rule based on your network security requirements.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click in the upper left corner and choose Networking > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

  4. In the navigation pane on the left, choose Access Control > Network ACLs.

    The network ACL list is displayed.

  5. In the network ACL list, locate the target network ACL and click its name.

    The network ACL summary page is displayed.

  6. Click the Inbound Rules or Outbound Rules tab, locate the target rule, click Modify in the Operation column, and modify parameters as needed.

    Table 1 lists the parameters to be configured.

    Table 1 Parameter descriptions

    | Parameter | Description | Example Value |
    |---|---|---|
    | Priority | Priority of a network ACL rule. A smaller priority value represents a higher priority. Each network ACL includes a default rule whose priority value is an asterisk (*). Default rules have the lowest priority. | 3 |
    | Status | Status of a network ACL. When you add a rule to it, its default status is Enabled. | Enabled |
    | Type | This parameter is available only after the IPv6 function is enabled. The network ACL type. This parameter is mandatory. You can select a value from the drop-down list. Currently, only IPv4 and IPv6 are supported. | IPv4 |
    | Action | The action in the network ACL. This parameter is mandatory. You can select a value from the drop-down list. Currently, the value can be Allow or Deny. | Allow |
    | Protocol | The protocol supported by the network ACL. This parameter is mandatory. You can select a protocol from the drop-down list. You can select TCP, UDP, ICMP, or All. | TCP |
    | Source | The source from which the traffic is allowed. The source can be an IP address or IP address range. Single IP address: 192.168.10.10/32 (IPv4); 2002:50::44/128 (IPv6). All IP addresses: 0.0.0.0/0 (IPv4); ::/0 (IPv6). IP address range: 192.168.1.0/24 (IPv4); 2407:c080:802:469::/64 (IPv6). | 0.0.0.0/0 |
    | Source Port Range | The source port number or port number range. The value ranges from 1 to 65535. For a port number range, enter two port numbers connected by a hyphen (-). For example, 1-100. | 22, or 22-30 |
    | Destination | The destination to which the traffic is allowed. The destination can be an IP address or IP address range. Single IP address: 192.168.10.10/32 (IPv4); 2002:50::44/128 (IPv6). All IP addresses: 0.0.0.0/0 (IPv4); ::/0 (IPv6). IP address range: 192.168.1.0/24 (IPv4); 2407:c080:802:469::/64 (IPv6). | 0.0.0.0/0 |
    | Destination Port Range | The destination port number or port number range. The value ranges from 1 to 65535. For a port number range, enter two port numbers connected by a hyphen (-). For example, 1-100. You must specify this parameter if TCP or UDP is selected for Protocol. | 22, or 22-30 |
    | Description | Supplementary information about the network ACL rule. This parameter is optional. The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | N/A |

  7. Click Confirm.
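
Before changing a rule's Priority, it helps to check which rule will decide a given flow afterwards. The following is an added example, not part of the original documentation or the provider's code. It assumes that the highest-priority enabled rule that matches decides the traffic and that the default (*) rule denies; the `Rule` class, the helper functions and the sample rule set are hypothetical.

```python
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Rule:
    priority: int         # smaller value = higher priority (Table 1)
    action: str           # "Allow" or "Deny"
    protocol: str         # "TCP", "UDP", "ICMP" or "All"
    source: str           # CIDR such as "192.168.1.0/24"
    dest_ports: str = ""  # "22" or "22-30"; required for TCP and UDP
    enabled: bool = True  # Status column

def parse_ports(spec):
    """Parse '22' or '22-30' into (low, high); ports must be 1-65535."""
    low, _, high = spec.partition("-")
    low, high = int(low), int(high or low)
    if not 1 <= low <= high <= 65535:
        raise ValueError(f"invalid port range: {spec!r}")
    return low, high

def matches(rule, protocol, src_ip, dst_port):
    if rule.protocol not in ("All", protocol):
        return False
    if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(rule.source):
        return False
    if rule.protocol in ("TCP", "UDP"):
        low, high = parse_ports(rule.dest_ports)
        return low <= dst_port <= high
    return True

def evaluate(rules, protocol, src_ip, dst_port, default_action="Deny"):
    """Action of the highest-priority enabled rule that matches."""
    for rule in sorted(rules, key=lambda r: r.priority):
        if rule.enabled and matches(rule, protocol, src_ip, dst_port):
            return rule.action
    return default_action  # the '*' default rule; Deny is an assumption

def modify_priority(rules, old, new):
    """Return a copy of the rule set with one rule's priority changed."""
    return [replace(r, priority=new) if r.priority == old else r for r in rules]

# Constructed inbound rules: the broad Deny at priority 1 shadows the Allow.
RULES = [
    Rule(1, "Deny", "TCP", "0.0.0.0/0", "22-30"),
    Rule(3, "Allow", "TCP", "192.168.1.0/24", "22"),
]

if __name__ == "__main__":
    print(evaluate(RULES, "TCP", "192.168.1.5", 22))
    print(evaluate(modify_priority(RULES, 1, 5), "TCP", "192.168.1.5", 22))
```

Moving the Deny rule from priority 1 to 5 lets the narrower Allow at priority 3 take effect for 192.168.1.0/24, while other sources still hit the Deny.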