Filter
Top Products
̈ Chapter 8: Firewall LANCOM Reference Manual LCOS 3.50
147
Firewall
Stations and services can be described according to the following rules in the
object table:
Equal identifier can generate comma-separated lists as for example host lists/
address lists (%A10.0.0.1, 10.0.0.2), or hyphen-separated ranges like port
ranges (%S20-25). The occurrence of a "0" or an empty string represents the
’any’ object.
When configuring via console (Telnet or terminal program), the com-
bined parameters (port, destination, source) must be embraced with
inverted commas (character ").
Action table
As described above, a Firewall action consists of condition, limit, packet
action and further measures. In the action table Firewall actions are composed
as any combination of the following elements:
Description Object ID Examples and notes
Local network %L
Remote stations %H Name must be in DSL /ISDN /PPTP or
VPN name list
Host name %D Note advice for host names (→page 129)
MAC address %E 00:A0:57:01:02:03
IP address %A %A10.0.0.1, 10.0.0.2;
%A0 (all addresses)
Netmask %M %M255.255.255.0
Protocol (TCP/UDP/ICMP etc.) %P %P6 (for TCP)
Service (port) %S %S20-25 (for ports 20 to 25)