Chapter 4: Firewall, Failover & OOB Access
Connection State: The state of connections that the firewall rule applies to (Any, Related/Established, or New). This can be used to allow only established connections out of an interface.
Action: The action (Accept or Block) that applies to packets that match the Interface + Port Range + Source/Destination Address Range + Protocol + Direction.
For example, to block all SSH traffic from leaving the Dialout interface, the following settings can be used:
Interface: Dialout/Cellular
Port Range: 22
Protocol: TCP
Direction: Egress
Action: Block
The firewall rules are processed in a set order from top to bottom. For example, with the following rules,
all traffic coming in over the Network Interface is blocked except when it comes from two nominated IP
addresses (SysAdmin and Tony):
To allow all incoming traffic on all interfaces from the SysAdmin:
To allow all incoming traffic from Tony:
To block all incoming traffic from the Network Interface:
If the Rule Order above is changed so the Block Everyone Else rule is second on the list, the traffic coming
in over the Network Interface from Tony would be blocked.
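The ordering behaviour described above, modelled as a first-match rule list. This is an added illustration, not the device's own code: the `Rule` and `evaluate` names, the packet fields and the IP addresses used for SysAdmin and Tony are assumptions, and the behaviour when no rule matches is deliberately left unmodelled.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    action: str                 # "Accept" or "Block"
    interface: str = "Any"      # "Any" matches every interface
    source: str = "0.0.0.0/0"   # source address range in CIDR form
    direction: str = "Ingress"
    protocol: str = "Any"
    ports: tuple = (1, 65535)   # inclusive port range

    def matches(self, pkt):
        return (self.interface in ("Any", pkt["interface"])
                and self.direction == pkt["direction"]
                and self.protocol in ("Any", pkt["protocol"])
                and self.ports[0] <= pkt["port"] <= self.ports[1]
                and ip_address(pkt["source"]) in ip_network(self.source))

def evaluate(rules, pkt):
    """Return (rule name, action) of the first matching rule, top to bottom."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.name, rule.action
    return None, None  # no rule matched; the device default is not modelled here

# Constructed addresses (documentation ranges), not taken from the manual.
SYSADMIN, TONY, STRANGER = "192.0.2.10", "192.0.2.20", "198.51.100.7"

allow_sysadmin = Rule("Allow SysAdmin", "Accept", source=SYSADMIN + "/32")
allow_tony = Rule("Allow Tony", "Accept", source=TONY + "/32")
block_rest = Rule("Block Everyone Else", "Block", interface="Network")

documented_order = [allow_sysadmin, allow_tony, block_rest]
reordered = [allow_sysadmin, block_rest, allow_tony]  # Block moved to second

def packet(source, interface="Network", port=443):
    """Build a constructed ingress TCP packet description."""
    return {"interface": interface, "direction": "Ingress",
            "protocol": "TCP", "port": port, "source": source}

if __name__ == "__main__":
    for label, rules in (("documented", documented_order), ("reordered", reordered)):
        for who in (SYSADMIN, TONY, STRANGER):
            print(label, who, evaluate(rules, packet(who)))
```

Running the same packets through both lists before saving a reordered rule set shows which source loses access, here Tony, because the Block rule now matches first.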