4: Configuring the Web Interface
Firewall Configuration
Firewall configuration, also known as IP filtering, refers to the selective blocking of the passage of IP packets between global and local networks. The filtering is based on rules that describe the characteristics of the packet (e.g., the contents of the IP header, the input/output interface, or the protocol).
This feature is used mainly in firewall applications to filter packets that could potentially compromise the network system or generate unnecessary network traffic.
Structure of IP Filtering
The Firewall Configuration form is structured on two levels:
•The view table of the Firewall Configuration form, which contains a list of chains.
•The chains, which contain the rules that control filtering.
Chain
The filter table contains a number of
The
•INPUT - For packets coming into the ACS box itself.
•FORWARD - For packets being routed through the ACS box.
•OUTPUT - For
Rule
Each chain has a sequence of rules that address the following:
•How the packet should appear in order to match the rule.
Some information about the packet is checked according to the rule, for example, the IP header, the input and output interfaces, the TCP flags and the protocol.
•What to do when the packet matches the rule.
The packet can be accepted, blocked, logged or jumped to a
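The chain and rule model described above, as an added example that is not from the manual or the ACS firmware: a small Python evaluator that walks a chain's rules in order and stops at the first deciding match. It assumes that a jump goes to another named chain, that logging does not stop evaluation, and that an unmatched packet gets a per-chain default policy; the names ssh_admin, in_if, dport, src and the verdict strings are hypothetical.

```python
# Toy model of chain/rule evaluation (added example, not ACS code).
from dataclasses import dataclass, field

@dataclass
class Rule:
    match: dict   # packet fields that must all be equal, e.g. {"proto": "tcp"}
    action: str   # "ACCEPT", "DROP" (blocked), "LOG", or a chain name to jump to

@dataclass
class Firewall:
    chains: dict  # chain name -> ordered list of Rule
    policy: dict  # built-in chain -> default verdict (assumed, not from the page)
    log: list = field(default_factory=list)

    def _walk(self, chain, pkt, depth=0):
        if depth > 16:  # guard against chains that jump to each other forever
            raise RecursionError(f"jump loop via chain {chain!r}")
        for n, rule in enumerate(self.chains[chain], 1):
            if any(pkt.get(k) != v for k, v in rule.match.items()):
                continue                    # packet does not match this rule
            if rule.action in ("ACCEPT", "DROP"):
                return rule.action          # deciding match: stop here
            if rule.action == "LOG":        # assumed non-terminal: record, go on
                self.log.append((chain, n, pkt.get("src")))
                continue
            verdict = self._walk(rule.action, pkt, depth + 1)  # jump
            if verdict:
                return verdict
        return None                         # fell off the end of the chain

    def filter(self, chain, pkt):
        return self._walk(chain, pkt) or self.policy[chain]

# Constructed sample ruleset; addresses are documentation ranges.
fw = Firewall(
    chains={
        "INPUT": [
            Rule({"in_if": "eth0", "proto": "tcp", "dport": 22}, "ssh_admin"),
            Rule({"proto": "icmp"}, "LOG"),
            Rule({"proto": "icmp"}, "ACCEPT"),
        ],
        "ssh_admin": [
            Rule({"src": "192.0.2.10"}, "ACCEPT"),
            Rule({}, "LOG"),                # empty match = every packet
            Rule({}, "DROP"),
        ],
        "FORWARD": [], "OUTPUT": [],
    },
    policy={"INPUT": "DROP", "FORWARD": "DROP", "OUTPUT": "ACCEPT"},
)
```

Rule order decides the outcome: swapping the first two rules of ssh_admin would log the administrator's connection as well, and placing the catch-all block rule first would lock the administrator out.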
80 | AlterPath Console Server User Manual |