ZyWALL 5/35/70 Series User’s Guide

The following table describes the labels in this screen.

Table 70 Firewall Edit Rule

LABEL

DESCRIPTION

 

 

Rule Name

Enter a descriptive name of up to 31 printable ASCII characters (except Extended

 

ASCII characters) for the firewall rule. Spaces are allowed.

Edit Source/

 

Destination

 

Address

 

Address Type

Do you want your rule to apply to packets with a particular (single) IP, a range of IP

 

addresses (for example 192.168.1.10 to 192.169.1.50), a subnet or any IP

 

address? Select an option from the drop-down list box that includes: Single

 

Address, Range Address, Subnet Address and Any Address.

 

You can configure up to 20 source or destination IP address entries in a rule.

 

 

Start IP Address

Enter the single IP address or the starting IP address in a range here.

 

 

End IP Address

Enter the ending IP address in a range here.

 

 

Subnet Mask

Enter the subnet mask here, if applicable.

 

 

Add

Click Add to add a new address to the Source or Destination Address(es) box.

 

You can add multiple addresses, ranges of addresses, and/or subnets.

Modify

To edit an existing source or destination address, select it from the box and click

 

Modify.

Delete

Highlight an existing source or destination address from the Source or Destination

 

Address(es) box above and click Delete to remove it.

Edit Service

 

 

 

Available/

Please see Section 11.11 on page 226 for more information on services available.

Selected Services

Highlight a service from the Available Services box on the left, then click >> to add

 

it to the Selected Service(s) box on the right. To remove a service, highlight it in

 

the Selected Service(s) box on the right, then click <<.

Edit Schedule

 

 

 

Day to Apply

Select everyday or the day(s) of the week to apply the rule.

 

 

Time of Day to

Select All Day or enter the start and end times in the hour-minute format to apply

Apply (24-Hour

the rule.

Format)

 

Actions When

 

Matched

 

Log Packet

This field determines if a log for packets that match the rule is created (Yes) or not

Information When

(No). Go to the Log Settings page and select the Access Control logs category to

Matched

have the ZyWALL record these logs.

Send Alert

Select the check box to have the ZyWALL generate an alert when the rule is

Message to

matched.

Administrator

 

When Matched

 

Action for

Use the drop-down list box to select whether to discard (Drop), deny and send an

Matched Packets

ICMP destination-unreachable message to the sender of (Reject) or allow the

 

passage of (Permit) packets that match this rule.

Apply

Click Apply to save your customized settings and exit this screen.

 

 

Cancel

Click Cancel to exit this screen without saving.

 

 

221

Chapter 11 Firewall Screens