User guide
Firewall Firewall command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
4.3.1.1 Policy
A policy is a relationship between two security interfaces to which portfilter and validator rules can be
assigned.
There are three different security interface combinations that Firewall policies can be created between:
• The external interface and the internal interface
• The external interface and the DMZ interface
• The DMZ interface and the internal interface
To add a policy between one of the three interface combinations above, use the FIREWALL ADD POLICY
command.
4.3.1.2 Portfilter
A portfilter is a rule that determines how the Firewall should handle packets being transported between two
security interfaces that are defined in an existing policy. The rules define:
• What protocol type is allowed
• Which TCP/UDP port numbers the packets are allowed to be transported on
• The name of the well-known protocol, service or application allowed to be transported
• Source and destination addresses
Whichever type of filter rule you use, you must also determine which direction packets should be allowed to
travel in:
• inbound; permitted traffic is transported from the outside interface to the inside interface
• outbound; permitted traffic is transported from the inside interface to the outside interface
• both; inbound and outbound rules apply
To add a portfilter to an existing policy, use the FIREWALL ADD PORTFILTER command.
More than one portfilter object can be added to the same policy.
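The policy and portfilter relationship described above can be modelled as follows. This is an added example, not code from the manual or from the device firmware, and it does not show CLI syntax. It assumes that the first interface of each pair acts as the "outside", that a packet matched by no portfilter is blocked, and that the class names, field names and addresses are hypothetical.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Interface pairs a policy may join, written (outside, inside). Treating the
# first interface of each pair as the "outside" is an assumption of this model.
POLICY_PAIRS = {("external", "internal"), ("external", "dmz"), ("dmz", "internal")}

@dataclass(frozen=True)
class Portfilter:
    protocol: str                 # "tcp" or "udp"
    ports: range                  # permitted TCP/UDP port numbers
    direction: str                # "inbound", "outbound" or "both"
    src: str = "0.0.0.0/0"        # permitted source addresses
    dst: str = "0.0.0.0/0"        # permitted destination addresses

@dataclass
class Policy:
    outside: str
    inside: str
    filters: list                 # more than one portfilter may be attached

    def __post_init__(self):
        if (self.outside, self.inside) not in POLICY_PAIRS:
            raise ValueError(f"no policy possible between {self.outside} and {self.inside}")

    def permits(self, from_if, to_if, protocol, port, src, dst):
        """Return True if any portfilter on this policy permits the packet."""
        if (from_if, to_if) == (self.outside, self.inside):
            travelling = "inbound"
        elif (from_if, to_if) == (self.inside, self.outside):
            travelling = "outbound"
        else:
            return False          # packet does not cross this policy's interfaces
        return any(
            f.direction in (travelling, "both")
            and f.protocol == protocol
            and port in f.ports
            and ip_address(src) in ip_network(f.src)
            and ip_address(dst) in ip_network(f.dst)
            for f in self.filters
        )

# Constructed sample: HTTPS inbound to one DMZ host, DNS outbound from the DMZ.
dmz_policy = Policy("external", "dmz", [
    Portfilter("tcp", range(443, 444), "inbound", dst="192.0.2.10/32"),
    Portfilter("udp", range(53, 54), "outbound"),
])
```

Checking a proposed rule set against the flows that must be blocked, as well as those that must pass, shows whether a direction of "both" or an unrestricted address range permits more than intended.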
4.3.2 Firewall command reference
This section describes the commands available on AT-iMG Models to enable, configure and manage the
Firewall module.
The table below lists the firewall commands provided by the CLI: