Filter fields
Filter Action
The Filter Action field can be set to Accept or Reject. This is the action that will be applied to network packets that meet the criteria specified in the filter.
IP Address
Specify either Include or Exclude. Include means the value as entered, while Exclude means all values EXCEPT the one entered.
Enter an IP address in the field in the format xxx.xxx.xxx.xxx. The wildcard "*" can be used in the last two segments of the IP address to specify "all", such as "192.168.*.*" to mean all addresses beginning with "192.168.". You can also include an optional CIDR
Note: To specify all IP addresses, use the syntax "0.0.0.0/32". If you specify Exclude with 0.0.0.0, for example,"Exclude 0.0.0.0/32", all network communications to your appliance will be blocked,
including further access through your Advanced View connection.
Protocol
Specify either Include or Exclude. Include means the value as entered, while "Exclude" means all values EXCEPT the one entered. Specify the protocol from the
Note: In many cases, the port number in conjunction with a protocol name or number is the common definition of a protocol. For example, the protocol "udp" and the port number "161" equals the
protocol "snmp".
Port
Specify either Include or Exclude. Include means the value as entered, while "Exclude" means all values EXCEPT the one entered.
Enter the port number or range of port numbers using the syntax "xxxx:xxxx" (without the quotes). For example, to apply the filter to the ports 100 to 300, enter "100:300" in the Port field of the filter.
The specified port numbers correspond to ports on the NetBotz appliance. Multiple individual ports can be entered by separating the ports with a comma, such as "100,200,300" (no quotes) to apply the filter to only port 100, port 200, and port 300.
Note: For
•HTTP GET and POST Alert Actions and Periodic Reports
•Call Web Services Alert Receiver Alert Actions
•FTP Alert Actions and Periodic Reports
•Send
•Any Appliance initiated TCP/UDP communication with a remote server by hostname (DNS resolution of the hostname may require TCP).
If you are using the NetBotz appliance with StruxureWare Data Center Expert, ports 1024 to 4999 must be open to TCP traffic. Otherwise, alerts or surveillance activity generated by the NetBotz appliance will not be
NetBotz Appliance User’s Guide | 83 |