Avaya G430 Manual page 569

Editing and creating rules
About this task
To create or edit a policy rule, you must enter the context of the rule. If the rule already exists,
you can edit the rule from the rule context. If the rule does not exist, entering the rule context
creates the rule.
Procedure
1. Enter the context of the list in which you want to create or edit a rule.
2. Enter ip-rule followed by the number of the rule you want to create or edit.
Policy lists rule criteria
Rules work in the following ways, depending on the type of list and the type of information in
the packet:
• Layer 4 rules in an access control list with a Permit operation are applied to non-initial
fragments
• Layer 4 rules in an access control list with a Deny operation are not applied to non-initial
fragments, and the device continues checking the next IP rule. This is to prevent cases
in which fragments that belong to other L4 sessions may be blocked by the other L4
session which is blocked.
• Layer 3 rules apply to non-initial fragments
• Layer 3 rules that include the fragment criteria do not apply to initial fragments or non-
fragment packets
• Layer 3 rules that do not include the fragment criteria apply to initial fragments and non-
fragment packets
• Layer 4 rules apply to initial fragments and non-fragment packets
• Layer 3 and Layer 4 rules in QoS and policy-based routing lists apply to non-initial
fragments
Related topics:
Specifying IP protocol
Specifying a range of IP addresses
Specifying source and destination port range
Applying the rule to ICMP type and code
Specifying TCP establish bit
Administering Avaya G430 Branch Gateway
For example, to create rule 1, enter ip-rule 1.
on page 570
on page 573
on page 570
on page 571
on page 572
Policy lists
October 2013 569