Filter
Top Products
REJECT target
If REJECT is selected from the Target pull-down menu, the following pull-down menu appears.
Any Reject with option causes the input packet to be dropped and a reply packet of the
specified type to be sent.
Field Name Definition
Rejectwith
Rejectwith meansthatthe filter willdropthe inputpacket andsend backa
replypacketaccordingto anyofthe rejecttypeslistedbelow.
icmp-net-unreachable ICMPnetworkunreachablealias.
icmp-host-unreachable ICMPhostunreachable alias.
icmp-port-unreachable ICMPportunreachablealias.
icmp-proto-unreachable ICMP protocolunreachablealias.
icmp-net-prohibited ICMPnetworkprohibited alias.
icmp-host-prohibited ICMPhostprohibitedalias.
echo-reply Echo replyalias.
tcp-reset TCPRST packet alias.
Table 7.11: Reply Packet Names and Definitions
NOTE: The packetsarematched(using tcp flagsand appropriaterejecttype) withthe REJECT target.
Firewall configuration procedures
The following sections describe the procedures for defining packet filtering:
To add a chain:
1. Go to Network - Firewall Configuration.
2. Click Add. The Add Chain dialog box appears.
3. Enter the name of the chain to be added in the Name field.
4. Click OK. The name of the new chain appears in the list.
NOTE: Spacesarenot allowed inthechainname.
5. Add one or more rules to finish, as described in To add a rule: on page 85
To edit a chain:
Perform this procedure if you wish to change the policy for a default chain.
84 Cyclades
®
ACS5000 Installation/Administration/User Guide