Chapter 7: Network Menu and Forms 81

Figure 7.1: Expert - Firewall Configuration Add Rule and Edit Rule Dialog Boxes

Inverted checkboxes

If the Inverted checkbox is enabled for the corresponding option, the target action is performed on packets that do not match any of the criteria specified in that line.

For example, if you select DROP as the target action from the Target pull-down list, check Inverted on the line with the Source IP and do not specify any other criteria in the rule, any packets arriving from any other source IP address than the one specified are dropped.

Target pull-down menu options

The Target pull-down menu shows the action to be performed on an IP packet that matches all the criteria specified in a rule. The kernel can be configured to ACCEPT, DROP, RETURN, LOG or REJECT the packet by sending a message, translating the source or the destination IP address or sending the packet to another user-defined chain.

Source or destination IP and mask

If you add a value in the Source IP field, incoming packets are filtered for the specified IP address and if you add a value in the Destination IP field, outgoing packets are filtered for the specified IP address. A value in the Mask field means incoming or outgoing packets are filtered for IP addresses from the network in the specified subnet.

Protocol

You can select a protocol for filtering. Fields that appear for each protocol are explained in the following sections.

Page 89
Image 89
Avocent ACS 5000 manual Inverted checkboxes, Target pull-down menu options, Source or destination IP and mask, Protocol