Version 7.2 179 Mediant 800B Gateway & E-SBC
User's Manual 13. Security
Parameter Description
Note: When filtering fragmented IP packets, this field relates to
the overall (re-assembled) packet size, and not to the size of
each fragment.
Byte Rate
byte-rate
[AccessList_Byte_Rate]
Defines the expected traffic rate (bytes per second), i.e., the
allowed bandwidth for the specified protocol. In addition to this
field, the 'Burst Bytes' field provides additional allowance such
that momentary bursts of data may utilize more than the
defined byte rate, without being interrupted.
For example, if 'Byte Rate' is set to 40000 and 'Burst Bytes' to
50000, then this implies the following: the allowed bandwidth is
40000 bytes/sec with extra allowance of 50000 bytes; if, for
example, the actual traffic rate is 45000 bytes/sec, then this
allowance would be consumed within 10 seconds, after which
all traffic exceeding the allocated 40000 bytes/sec is dropped.
If the actual traffic rate then slowed to 30000 bytes/sec, then
the allowance would be replenished within 5 seconds.
Burst Bytes
byte-burst
[AccessList_Byte_Burst]
Defines the tolerance of traffic rate limit (number of bytes).
The default is 0.
Statistics
Match Count
[AccessList_MatchCount]
(Read-only) Displays the number of packets accepted or
rejected by the rule.
The table below provides an example of configured firewall rules:
Table 13-2: Configuration Example of Firewall Rules
Parameter
Firewall Rule
1 2 3 4 5
Source IP
12.194.231.76
12.194.230.7 0.0.0.0 192.0.0.0 0.0.0.0
Prefix Length
16 16 0 8 0
Start Port and End
Port
0-65535 0-65535 0-65535 0-65535 0-65535
Protocol
Any Any icmp Any Any
Use Specific
Interface
Enable Enable Disable Enable Disable
Interface Name
WAN WAN None Voice-Lan None
Byte Rate
0 0 40000 40000 0
Burst Bytes
0 0 50000 50000 0
Action Upon Match
Allow Allow Allow Allow Block
The firewall rules in the above configuration example do the following:
Rules 1 and 2: Typical firewall rules that allow packets ONLY from specified IP
To Next Page
Loading...
