|
| Chapter 12 Firewall Configuration | |
| Table 66 Firewall: Edit Rule (continued) | ||
| LABEL | DESCRIPTION |
|
| Action for Matched | Use the |
|
| Packet | match this rule. |
|
|
| Select Drop to silently discard the packets without sending a TCP reset packet |
|
|
| or an ICMP |
|
|
| Select Reject to deny the packets and send a TCP reset packet (for a TCP |
|
|
| packet) or an ICMP |
|
|
| sender. |
|
|
| Select Permit to allow the passage of the packets. |
|
|
|
|
|
| Source/Destination |
|
|
| Address |
|
|
|
|
|
|
| Address Type | Do you want your rule to apply to packets with a particular (single) IP, a range of |
|
|
| IP addresses (e.g., 192.168.1.10 to 192.169.1.50), a subnet or any IP address? |
|
|
| Select an option from the |
|
|
| Range Address, Subnet Address and Any Address. |
|
|
|
|
|
| Start IP Address | Enter the single IP address or the starting IP address in a range here. |
|
|
|
|
|
| End IP Address | Enter the ending IP address in a range here. |
|
|
|
|
|
| Subnet Mask | Enter the subnet mask here, if applicable. |
|
|
|
|
|
| Add >> | Click Add >> to add a new address to the Source or Destination Address box. |
|
|
| You can add multiple addresses, ranges of addresses, and/or subnets. |
|
|
|
|
|
| Edit << | To edit an existing source or destination address, select it from the box and click |
|
|
| Edit <<. |
|
|
|
|
|
| Delete | Highlight an existing source or destination address from the Source or |
|
|
| Destination Address box above and click Delete to remove it. |
|
|
|
|
|
| Services |
|
|
|
|
|
|
| Available/ Selected | Please see Section 12.8 on page 187 for more information on services |
|
| Services | available. Highlight a service from the Available Services box on the left, then |
|
|
| click Add >> to add it to the Selected Services box on the right. To remove a |
|
|
| service, highlight it in the Selected Services box on the right, then click |
|
|
| Remove. |
|
|
|
|
|
| Edit Customized | Click the Edit Customized Services link to bring up the screen that you use to |
|
| Service | configure a new custom service that is not in the predefined list of services. |
|
|
|
|
|
| Schedule |
|
|
|
|
|
|
| Day to Apply | Select everyday or the day(s) of the week to apply the rule. |
|
|
|
|
|
| Time of Day to | Select All Day or enter the start and end times in the |
|
| Apply | apply the rule. |
|
| Format) |
|
|
|
|
|
|
| Log |
|
|
|
|
|
|
| Log Packet Detail | This field determines if a log for packets that match the rule is created or not. Go |
|
| Information | to the Log Settings page and select the Access Control logs category to have |
|
|
| the ZyXEL Device record these logs. |
|
|
|
|
|
| Alert |
|
|
|
|
|
|
| Send Alert | Select the check box to have the ZyXEL Device generate an alert when the rule |
|
| Message to | is matched. |
|
| Administrator When |
|
|
| Matched |
|
|
|
|
|
|
| Apply | Click Apply to save your customized settings and exit this screen. |
|
|
|
|
|
| Cancel | Click Cancel to exit this screen without saving. |
|
|
|
|
|
| 181 |
|
|