MX Series Voice Gateway User Manual
New Rock Technologies, Inc. 95
Specify the source IP address range.
Note: This parameter does not support domain names.
Specify the protocol type.
The value can be set TCP, UDP, ICMP, or any.
You may do the following operations:
Add: Add a new rule
Copy : Duplicate the selected rule to a new rule
Delete : Delete the selected rule
Batch delete: Delete all selected rules in batch
The static defense rules take effect from top to bottom.
Examples
Explanations of the rules listed in Figure 2-59 are as follows:
Rule 1: Port 80 of the device is allowed to receive TCP data packets from the source IP address 192.168.120.54.
Rule 2: Port 22 of the device is prohibited from receiving TCP data packets from the source IP address
192.168.120.54.
Rule 3: Ports 5060 and 5061 of the device are prohibited from receiving data packets (of any protocol type) from
the source IP address 192.168.120.54.
2.7.5 Packet Rate Limiting Based Dynamic Blacklisting
Packet rate limiting based dynamic blacklisting enables the device to defend against Dos/DDoS attacks
which involve multiple computers all over the world and amounts of traffic.
You can set multiple defense rules.
When the rate at which the data packets received by the device exceeds the threshold preset in the rules,
the received data packets are discarded, and moreover the IP address of the attack source is added to the
blocked list. Data packets from this address will no longer be received.
Rule configuration
After login, choose Security > Dynamic defense, to go to the configuration interface.
To Next Page
Loading...
Need help?
General
