Chapter 15 Firewall

15.4 The Rules Screen

Click Security > Firewall > Rules to display the following screen. This screen displays a list of the configured firewall rules. Note the order in which the rules are listed.

Note: The firewall configuration screen shown in this section is specific to the following devices: P-The ordering of your rules is very important as rules are applied in turn.

Figure 87 Security > Firewall > Rules

The following table describes the labels in this screen.

Table 66 Security > Firewall > Rules

LABEL

DESCRIPTION

Firewall Rules Storage

This read-only bar shows how much of the AMG1312-T Series's memory for

Space in Use

recording firewall rules it is currently using. When you are using 80% or less of the

 

storage space, the bar is green. When the amount of space used is over 80%, the

 

bar is red.

 

 

Packet Direction

Use the drop-down list box to select a direction of travel of packets for which you

 

want to configure firewall rules.

 

 

Create a new rule

Select an index number and click Add to add a new firewall rule after the selected

after rule number

index number. For example, if you select “6”, your new rule becomes number 7 and

 

the previous rule 7 (if there is one) becomes rule 8.

 

 

 

The following read-only fields summarize the rules you have created that apply to

 

traffic traveling in the selected packet direction. The firewall rules that you configure

 

(summarized below) take priority over the general firewall action settings in the

 

General screen.

 

 

#

This is your firewall rule number. The ordering of your rules is important as rules are

 

applied in turn.

 

 

Active

This field displays whether a firewall is turned on or not. Select the check box to

 

enable the rule. Clear the check box to disable the rule.

 

 

Source IP Address

This column displays the source addresses or ranges of addresses to which this

 

firewall rule applies. Please note that a blank source or destination address is

 

equivalent to Any.

 

 

Destination IP Address

This column displays the destination addresses or ranges of addresses to which this

 

firewall rule applies. Please note that a blank source or destination address is

 

equivalent to Any.

 

 

Service

This column displays the services to which this firewall rule applies. See Appendix F

 

on page 286 for more information.

 

 

Action

This field displays whether the firewall silently discards packets (Drop), discards

 

packets and sends a TCP reset packet or an ICMP destination-unreachable message

 

to the sender (Reject) or allows the passage of packets (Permit).

 

 

Source Interface

This column displays the source interface to which this firewall rule applies. This is

 

the interface through which the traffic entered the AMG1312-T Series. Please note

 

that a blank source interface is equivalent to Any.

 

 

 

173

AMG1312-T Series User’s Guide