ACL Access control list
ACL (Access Control List) is a list of rules that prohibit or allow the use of network resources.
ACL works with different protocols (TCP, UDP), ports and port ranges.
To configure an ACL, a virtual network with a public IP must already exist.
To configure an ACL, go to «Virtual networks» in the management console.
1. The structure of ACL rules. Each rule in the ACL consists of the following parameters.
1.1 Description – a short description of a rule.
1.2 Rule type defines the type of traffic the rule applies to. Rules for incoming and outgoing traffic are created separately.
1.2.1 Outgoing traffic – traffic that goes from a virtual network to the internet.
1.2.2 Incoming traffic – traffic that comes from the internet to the internal network.
1.3 Protocol defines for which protocol a rule was created. Available protocols: TCP, UDP or TCP/UDP.
1.4 Source and purpose (CIDR) define the list of IP addresses the rule applies to.
1.5 External port or port range defines a port or a port range for the network protocol selected in the rule. You can specify a single port or one continuous port range. You cannot enter a list of arbitrary ports separated by commas. To specify multiple arbitrary ports, you have to create separate rules.
1.6 Action defines whether it is allowed or prohibited to pass the traffic according to a specified rule.
2. How to create a rule.
Select the virtual network for which you want to set up access control lists, and go to ACL rules management.
3. Click «Add a rule».
4. In the window that appears, fill in the fields and click «Create».
Rule execution order
The rules are applied in the order in which they are listed in the management console.
You can change the rule execution order by dragging the rules in the list.
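
The port restriction in 1.5 and the rule order described above, as an added example (not code from this platform): a Python model that splits an arbitrary port list into one rule per continuous range and checks traffic against the rules in listed order. First-match behaviour, the default deny, matching the CIDR against the remote address, and all names and addresses are assumptions made for the illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    description: str
    rule_type: str   # "incoming" or "outgoing"
    protocol: str    # "TCP", "UDP" or "TCP/UDP"
    cidr: str        # assumption: matched against the remote address
    ports: tuple     # (first, last); a single port is (p, p)
    action: str      # "allow" or "deny"

def port_ranges(ports):
    """Collapse arbitrary ports into the fewest continuous ranges."""
    ranges = []
    for p in sorted(set(ports)):
        if ranges and p == ranges[-1][1] + 1:
            ranges[-1] = (ranges[-1][0], p)   # extend the current range
        else:
            ranges.append((p, p))             # gap: a separate rule is needed
    return ranges

def rules_for_ports(description, rule_type, protocol, cidr, ports, action):
    """One rule per continuous range, since a rule cannot hold a comma list."""
    return [Rule(f"{description} {a}-{b}", rule_type, protocol, cidr, (a, b), action)
            for a, b in port_ranges(ports)]

def evaluate(rules, rule_type, protocol, ip, port, default="deny"):
    """Assumption: the first matching rule in listed order decides."""
    addr = ipaddress.ip_address(ip)
    for r in rules:
        if (r.rule_type == rule_type
                and protocol in r.protocol.split("/")
                and addr in ipaddress.ip_network(r.cidr)
                and r.ports[0] <= port <= r.ports[1]):
            return r.action, r.description
    return default, None   # hypothetical default when nothing matches

# Constructed sample: web ports open to everyone, SSH limited to an admin range.
ACL = (
    rules_for_ports("web", "incoming", "TCP", "0.0.0.0/0", [80, 443, 8080, 8081], "allow")
    + [Rule("ssh admin", "incoming", "TCP", "203.0.113.0/24", (22, 22), "allow"),
       Rule("ssh other", "incoming", "TCP", "0.0.0.0/0", (22, 22), "deny")]
)
```

Under these assumptions, moving the "ssh other" rule above "ssh admin" would block the admin range as well, which is why the listed order is worth reviewing after every change.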