Configuring ACS Ruledef
A ruledef represents a set of matching conditions across multiple L3 – L7 protocol based on protocol fields and state information. Each ruledef can be used across multiple rulebases within the active charging service.
This section describes how to create, configure, or delete ACS rule definitions.
configure
active-charging service service_name
ruledef ruledef_name
ip any-match [ = | != ] [ TRUE | FALSE ]
ip dst-address { operator { { ipv4_address | ipv6_address
} | { ipv4_address/mask | ipv6_address/mask} |
address-group ipv6_address } | { !range | range }
rule-application { charging | post-processing | routing }
end
NOTES:
-
ruledef ruledef_name : Specifies the ruledef to add, configure, or delete. ruledef_name must be the name of an ACS ruledef, and must be an alphanumeric string of 1 to 63 characters, and can contain punctuation characters. Each ruledef must have a unique name. Host pool, port map, IMSI pool, and firewall, routing, and charging ruledefs must have unique names.
-
If the named ruledef does not exist, it is created, and the CLI mode changes to the ACS Ruledef Configuration Mode wherein the ruledef can be configured.
-
If the named ruledef already exists, the CLI mode changes to the ACS Ruledef Configuration Mode for that ruledef. The ACS Ruledef Configuration Mode is used to create and manage rule expressions in individual rule definitions (ruledefs).
-
ip any-match [= | !=] [TRUE | FALSE]: This command defines the rule expressions to match IPv4/IPv6 packets. The operator and condition in the command specifies the following:
-
operator
-
!=: Does not equal
-
< =: Equals
-
-
condition
-
FALSE
-
TRUE
-
-
-
ip dst-address { operator { { ipv4_address | ipv6_address } | { ipv4_address/mask |ipv6_address/mask } | address-group ipv6_address } | { !range | range } host-pool host_pool_name } : This command allows defining rule expressions to match IP destination address field within IP headers.
-
ipv4_address | ipv6_address : Specifies the IP address of the destination node for outgoing traffic. ipv4_address | ipv6_address must be an IP address in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation.
-
ipv4_address/mask | ipv6_address/mask : Specifies the IP address of the destination node for outgoing traffic. ipv4_address/mask | ipv6_address/mask must be an IP address in IPv4 dotted-decimal or IPv6 colon-separated-hexadecimal notation with subnet mask bit. The mask bit is a numeric value which corresponds to the number of bits in the subnet mask.
-
address-group ipv6_address : Specifies a group of IPv6 addresses configured with wildcard input and/or specialized range input. Multiple wildcard characters can be accepted as input and only one 2 byte range input will be accepted. Both wildcard character input and 2-byte range input can be configured together within a given IPv6 address.
-
The operator in the command specifies the following:
-
!=: Does not equal
-
<: Lesser than or equals
-
=: Equals
-
>=: Greater than or equals
-
-
-
multi-line-or all-lines : This command allows a single ruledef to specify multiple URL expressions. When a ruledef is evaluated, if the multi-line-or all-lines command is configured, the logical OR operator is applied to all the rule expressions in the ruledef to decide if the ruledef matches or not. If the multi-line-or all-lines command is not configured, the logical AND operator is applied to all the rule expressions.
-
rule-application { charging | post-processing | routing } : This command specifies the rule application for a rule definition.
-
charging : Specifies that the current ruledef is for charging purposes.
-
post-processing : Specifies that the current ruledef is for post-processing purposes. This enables processing of packets even if the rule matching for them has been disabled.
-
routing : Specifies that the current ruledef is for routing purposes. Up to 256 rule definitions can be defined for routing in an Active Charging Service. Default: Disabled.
-