Firewall Packet filtering
IX20 User Guide
Packet filtering rules are enabled by default. To disable the rule:
(config firewall filter 1)> enable false
(config firewall filter 1)>
3. (Optional) Set the label for the rule.
(config firewall filter 1)> label "My filter rule"
(config firewall filter 1)>
4. Set the action to be performed by the filter rule.
(config firewall filter 1)> action value
(config firewall filter 1)>
where value is one of:
- accept: Allows matching network connections.
- reject: Blocks matching network connections, and sends an ICMP error if appropriate.
- drop: Blocks matching network connections, and does not send a reply.
5. Set the firewall zone that will be monitored by this rule for incoming connections from network
interfaces that are members of this zone:
See Firewall configuration for more information about firewall zones.
(config firewall filter 1)> src_zone my_zone
(config firewall filter 1)>
6. Set the destination firewall zone. Packets destined for network interfaces that are members of
this zone will either be accepted, rejected or dropped by this rule.
See Firewall configuration for more information about firewall zones.
(config firewall filter 1)> dst_zone my_zone
(config firewall filter 1)>
7. Set the IP version.
(config firewall filter 1)> ip_version value
(config firewall filter 1)>
where value is one of:
- any
- ipv4
- ipv6
The default is any.
8. Set the protocol.
(config firewall filter 1)> protocol value
(config firewall filter 1)>