This topic describes how to add an outbound rule to a network access control list (ACL). After creating a network ACL, you can add outbound rules to it to allow or deny the ECS instances in a VSwitch to access the public or private network.
- Log on to the VPC console.
- In the left-side navigation pane, click Network ACL.
- In the top navigation bar, select the region of the network ACL.
- On the Network ACL page, find the target network ACL, and then click Outbound Rule in the Actions column.
- On the Outbound Rule tab, click Create Outbound Rule.
- In the Create Outbound Rule dialog box, configure the outbound rule according to the following information, and
then click OK.
Configuration Description Name Enter a name for the outbound rule to be created.
The name must be 2 to 128 characters in length and can contain letters, numbers, underscores (_), and hyphens (-). The name must start with a letter and cannot start with
Effective order The order in which the outbound rule is evaluated.
Value range: [1~20]. A smaller number indicates a higher priority. For more information, see Rule evaluation order.
Action Select an authorization policy for the outbound rule. Valid values:
Protocol Select the transport layer protocol. Valid values:
- ALL: All protocols are supported.
Destination IP Addresses Enter the destination IP address range.
Default value: 0.0.0.0/32.
Destination Port Range Enter the destination port range.
Value range: [1~65535]. Separate the start port and the end port by using a forward slash (/), for example, 1/200 or 80/80. Note that you cannot set the port range to -1/-1, which indicates that all ports are allowed.