ZyWALL 2 Series User’s Guide

 

Table 11-1 Firewall Rules Summary: First Screen

LABEL                                DESCRIPTION
Enable Firewall                      Select this check box to activate the firewall. The ZyWALL performs access control and protects against Denial of Service (DoS) attacks when the firewall is activated.
Bypass Triangle Route                Select this check box to have the ZyWALL firewall ignore the use of triangle route topology on the network. See the Appendices for more on triangle route topology.
Firewall Rules Storage Space in Use  This read-only bar shows how much of the ZyWALL's memory for recording firewall rules it is currently using. When you are using 80% or less of the storage space, the bar is green. When the amount of space used is over 80%, the bar is red.
Packet Direction                     Use the drop-down list box to select a direction of travel of packets (LAN to LAN/ZyWALL, LAN to WAN, WAN to LAN, WAN to WAN/ZyWALL) for which you want to configure firewall rules.
Block/Forward                        Use the option buttons to select whether to Block (silently discard) or Forward (allow the passage of) packets that are traveling in the selected direction.
Log                                  Select the check box to create a log (when the above action is taken) for packets that are traveling in the selected direction and do not match any of the rules below.

The following read-only fields summarize the rules you have created that apply to traffic traveling in the selected packet direction. The firewall rules that you configure (summarized below) take priority over the general firewall action settings above.

#                                    This is your firewall rule number. The ordering of your rules is important as rules are applied in turn. The Move field below allows you to reorder your rules.
Status                               This field displays whether a firewall rule is turned on (Active) or not (Inactive). Rules that have not been configured display Empty.
Source Address                       This drop-down list box displays the source addresses or ranges of addresses to which this firewall rule applies. Please note that a blank source or destination address is equivalent to Any.
Destination Address                  This drop-down list box displays the destination addresses or ranges of addresses to which this firewall rule applies. Please note that a blank source or destination address is equivalent to Any.
Service Type                         This drop-down list box displays the services to which this firewall rule applies. Please note that a blank service type is equivalent to Any. See Table 11-5 for more information.
Action                               This is the specified action for that rule, either Block or Forward. Note that Block means the firewall silently discards the packet.
Schedule                             This field tells you whether a schedule is specified (Yes) or not (No).
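The rule ordering and default-action behaviour described in the table, as an added Python sketch (not ZyXEL code or device output) that also flags rules an earlier rule makes unreachable. It assumes "applied in turn" means the first matching active rule decides; `Rule`, `evaluate`, `shadowed` and the sample addresses are hypothetical names and constructed values.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass
class Rule:                      # hypothetical model of one summary row
    active: bool                 # Status: Active / Inactive
    src: Optional[str]           # None = blank field = Any
    dst: Optional[str]
    service: Optional[int]       # destination port; None = Any
    action: str                  # "Block" or "Forward"

def _in(spec, addr):
    return spec is None or ip_address(addr) in ip_network(spec)

def evaluate(rules, default_action, log_default, src, dst, port):
    """Return (action, rule number or None, default-action log written)."""
    for number, r in enumerate(rules, start=1):
        if r.active and _in(r.src, src) and _in(r.dst, dst) and r.service in (None, port):
            return r.action, number, False       # assumption: first match wins
    return default_action, None, log_default     # no rule matched

def _net_covers(outer, inner):
    if outer is None:
        return True
    return inner is not None and ip_network(inner).subnet_of(ip_network(outer))

def shadowed(rules):
    """Numbers of active rules fully covered by an earlier active rule."""
    hits = []
    for i, r in enumerate(rules):
        for e in rules[:i]:
            if (e.active and r.active and _net_covers(e.src, r.src)
                    and _net_covers(e.dst, r.dst) and e.service in (None, r.service)):
                hits.append(i + 1)
                break
    return hits

# Constructed WAN to LAN rule set; addresses are documentation/private ranges.
RULES = [
    Rule(True, None, "192.168.1.0/24", None, "Block"),
    Rule(True, None, "192.168.1.10/32", 443, "Forward"),   # never reached
]
```

Running `shadowed` over an exported rule list before and after using Move shows whether a reorder made a narrower rule reachable.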

 

 

 

 

 

Firewall Screens

11-7