EasyManuals Logo

ELTEX ESR-3100 User Manual

Default Icon
650 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #468 background imageLoading...
Page #468 background image
ESR series service routers.ESR-Series. User manual
468
1.
2.
3.
4.
1.
2.
Step Description Command Keys
44 Set the filtration only for IP packets
including ip-option (optional, available
only for zone-pair any self and zone-pair
<zone-name> any).
esr(config-zone-pair-rule)# match
[not] ip-option
45 Create an interzone interaction rule. esr(config-zone-rule)# enable
46 Enable filtering and session tracking
mode while packets are transmitted
between one Bridge group participants
(optional, available only for
ESR-1000/1200/1500/1511/1700
/3100).
esr(config-bridge)# ports firewall
enable
1
When using the not key, the rule will work for values which are not included in a specified profile.
The order of traffic processing by firewall rules
The order of processing transit traffic by firewall rules
If traffic is transmitted from one interface to another within the same zone (src-zone-name), then it is
checked by the zone-pair src-zone-name src-zone-name rules.If the traffic does not fall under any of the
rules of the current zone-pair, go to the next step.
If traffic is transmitted from one interface to another in different zones, then it is checked by the zone-
pair src-zone-name dst-zone-name rules.If the traffic does not fall under any of the rules of the current
zone-pair, go to the next step.
Traffic is checked by thezone-pair src-zone-name any rules.If the traffic does not fall under any of the
rules of the current zone-pair, go to the next step.
Traffic is checked by thezone-pair any any rules.If the traffic does not fall under any of the rules of the
current zone-pair, it is dropped.
The order of processing traffic terminated on the router
Traffic is checked by thezone-pair any self rules.If the traffic does not fall under any of the rules of the
current zone-pair, go to the next step.
Traffic is checked by the zone-pair src-zone-name self rules.If the traffic does not fall under any of the
rules of the current zone-pair, go to the next step.
Each 'match' command may contain the 'not' key. When using the key, packets that do not meet the given
requirement will fall under the rule.
You can obtain more detail information about firewall configuration in 'CLI command reference guide'.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the ELTEX ESR-3100 and is the answer not in the manual?

ELTEX ESR-3100 Specifications

General IconGeneral
BrandELTEX
ModelESR-3100
CategoryNetwork Router
LanguageEnglish

Related product manuals