Filter
Top Products
Field/Menu Option Definition
SourcePort- or -Des-
tinationPort
AsingleIPaddressora range ofIPaddresses.
TCPFlags
[TCPonly]SYN(synchronize),ACK(acknowledge),FIN (finish),RST(reset),
URG(urgent) andPSH(push).Theconditionsinthepull-downmenu for eachflag
are:Any,Setor Unset.
Table 3.3: Firewall Configuration - TCP and UDP Options Fields
If ICMP is selected from the Protocol menu, the ICMP Type pull-down menu is activated.
If an administrator enters the Ethernet interface (eth0 or eth1) in the input or output interface
fields and selects an option (2nd and further packets, All packets and fragments or
Unfragmented packets and 1st packets) from the Fragments pull-down menu, the target action
is performed on packets from or to the specified interface if they meet the criteria in the selected
Fragments menu option.
To add a chain:
1. Select Network - Firewall.
2. Select either IPv4 Filter Table or IPv6 Filter Table as needed.
3. Click Add.
4. Enter the name of the chain to be added.
5. Click Save.
NOTE: Spacesarenotallowedinthechainname.
6. Add one or more rules to complete the chain configuration.
To change the policy for a default chain:
NOTE: User-definedchainscannotbeedited.Torenameauser-addedchain,deleteitandcreateanew one.
1. Select Network - Firewall.
2. Select either IPv4 Filter Table or IPv6 Filter Table as needed.
3. Select the checkbox next to the name of the chain you want to change (FORWARD,
INPUT, OUTPUT).
4. Click Change Policy and select Accept or Drop from the drop-down menu.
5. Click Save.
To add a rule:
1. Select Network - Firewall.
Chapter 3: Accessing the Console Server via the Web Manager 33