User guide

Firewall Firewall command reference
iMG/RG Software Reference Manual (IPNetwork Functions)
Example
Example 1 - specifying a protocol <number>
The following example allows IGMP (Internet Group Management Protocol) packets
inbound from the external interface to the DMZ interface. IGMP is protocol number 2
(see http://www.ietf.org/rfc/rfc1700.txt).
First, we need to create a policy:
--> firewall add policy ext-dmz external-dmz
Then we can add the portfilter to it:
--> firewall add portfilter pf1 ext-dmz protocol 2 inbound
Example 2 - specifying a TCP/UDP protocol
The following example allows DNS (Domain Name Service) outbound packets from the
internal interface to the external interface. DNS uses UDP port 53
(see http://www.ietf.org/rfc/rfc1700.txt).
First, we need to create a policy:
--> firewall add policy ext-int external-internal
Then we can add the portfilter to it:
--> firewall add portfilter pf2 ext-int udp 53 53 outbound
Example 3 - using a provided protocol, application or service
Option | Description | Default Value
name | An arbitrary name that identifies the portfilter. It can be made up of one or more letters or a combination of letters and digits, but it cannot start with a digit. | N/A
policyname | An existing firewall policy. To display policy names, use the FIREWALL LIST POLICIES command. | N/A
protocol
startport
endport
inbound
outbound
both
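
The following is an added example, not part of the manual or the device software: a small offline check that reads a list of CLI lines and verifies each portfilter against the two command forms in Examples 1 and 2 and the name and policyname rules in the option table. The function names, the lowercase keyword matching, the 0-255 protocol range, the 1-65535 port range and the startport <= endport rule are assumptions; the Example 3 form is not shown on this page, so it is reported as not covered.

```python
import re

NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9]*\Z")  # table rule: no leading digit
DIRECTIONS = {"inbound", "outbound", "both"}

def num(s):
    return int(s) if s.isascii() and s.isdigit() else -1   # -1 marks "not a number"

def check_spec(spec):
    """Check the tokens between policyname and direction; return an error or None."""
    if len(spec) == 2 and spec[0] == "protocol":            # Example 1 form
        if not 0 <= num(spec[1]) <= 255:                    # IP protocol field is 8 bits
            return f"protocol number {spec[1]!r} outside 0-255"
    elif len(spec) == 3 and spec[0] in ("tcp", "udp"):      # Example 2 form
        start, end = num(spec[1]), num(spec[2])
        if not (1 <= start <= 65535 and 1 <= end <= 65535): # assumed valid port range
            return f"port outside 1-65535: {spec[1]} {spec[2]}"
        if start > end:                                     # assumption: start <= end
            return f"startport {start} greater than endport {end}"
    else:
        return "form not covered by this check"

def audit(lines):
    """Return (line_number, message) findings for a list of CLI lines."""
    policies, findings = set(), []
    for n, raw in enumerate(lines, 1):
        tok = raw.replace("-->", "", 1).split()
        if tok[:3] == ["firewall", "add", "policy"] and len(tok) >= 4:
            policies.add(tok[3])
        elif tok[:3] == ["firewall", "add", "portfilter"]:
            if len(tok) < 6:
                findings.append((n, "too few arguments"))
                continue
            name, policy, spec, direction = tok[3], tok[4], tok[5:-1], tok[-1]
            errs = [None if NAME_RE.match(name) else f"invalid portfilter name {name!r}",
                    None if policy in policies else f"policy {policy!r} not created earlier",
                    None if direction in DIRECTIONS else f"unknown direction {direction!r}",
                    check_spec(spec)]
            findings += [(n, e) for e in errs if e]
    return findings

# Constructed sample: the four commands from Examples 1 and 2, then three faulty lines.
SAMPLE = """--> firewall add policy ext-dmz external-dmz
--> firewall add portfilter pf1 ext-dmz protocol 2 inbound
--> firewall add policy ext-int external-internal
--> firewall add portfilter pf2 ext-int udp 53 53 outbound
--> firewall add portfilter 3pf ext-int tcp 80 80 outbound
--> firewall add portfilter pf4 int-dmz tcp 8080 80 both
--> firewall add portfilter pf5 ext-dmz protocol 300 inbound""".splitlines()
print(*audit(SAMPLE), sep="\n")
```

The four commands taken from the page produce no findings; each constructed faulty line is reported with its line number.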