User guide

Firewall command reference Firewall
iMG/RG Software Reference Manual (IPNetwork Functions)
The following example allows SMTP (Simple Mail Transfer Protocol) packets inbound
and outbound between the internal interface and the DMZ interface. SMTP is a popular
protocol that is provided by the Firewall. You do not need to specify the port number;
the Firewall does this for you.
First, we need to create a policy:
--> firewall add policy dmz-int dmz-internal
Then we can add the portfilter to it:
--> firewall add portfilter pf3 dmz-int smtp both
See also FIREWALL LIST POLICIES
FIREWALL LIST PROTOCOL
See the Well Known Port Numbers section of RFC 1700 for a list of port numbers and protocols for particular
services (see http://www.ietf.org/rfc/rfc1700.txt).
4.3.2.0.13 FIREWALL SET PORTFILTER
Syntax firewall set portfilter <name> <policyname> {srcaddr <IPaddress><Mask>} {dstaddr <IPaddress><Mask>}
firewall set portfilter <name> <policyname> {srcport <startport><endport>} {dstport <startport><endport>}
firewall set portfilter <name> <policyname> {Protocol <protocol>}
firewall set portfilter <name> <policyname> {direction <inbound | outbound | both>}
firewall set portfilter <name> <policyname> {ENABLE | disabled}
firewall set portfilter <name> <policyname> {ALLOW | DENY}
Description This command sets all the attributes of each portfilter object created in the system. The
attributes of portfilters are:
• set the permission status of portfilter to allow or deny
• source and destination address
• source and destination port
• protocol
• direction
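The attributes above, applied to a rule review, as an added example that is not from the manual: this Python script folds a saved list of `firewall add portfilter` and `firewall set portfilter` commands into the effective attributes of each filter, then lists the filters still open in both directions with no address limit. It assumes that address/mask and port-range values are space-separated tokens and that a filter is enabled and allowing until set otherwise; the sample commands, the name pf4 and the addresses are constructed.

```python
import shlex

# Tokens consumed by each option keyword, read off the syntax lines above.
# Assumption: <IPaddress><Mask> and <startport><endport> are two tokens each.
ARITY = {"srcaddr": 2, "dstaddr": 2, "srcport": 2, "dstport": 2,
         "protocol": 1, "direction": 1}
FLAGS = {"enable": "state", "disabled": "state", "allow": "action", "deny": "action"}

# Constructed sample command history (pf4 and the addresses are made up).
SAMPLE = [
    "--> firewall add policy dmz-int dmz-internal",
    "--> firewall add portfilter pf3 dmz-int smtp both",
    "--> firewall add portfilter pf4 dmz-int smtp both",
    "--> firewall set portfilter pf4 dmz-int dstaddr 192.168.2.10 255.255.255.255",
    "--> firewall set portfilter pf4 dmz-int direction inbound",
]


def load_portfilters(lines):
    """Fold 'add' and 'set' portfilter commands into one dict per filter."""
    filters = {}
    for raw in lines:
        tok = shlex.split(raw.replace("-->", " ").lower())
        if len(tok) < 5 or tok[0] != "firewall" or tok[2] != "portfilter":
            continue
        verb, key, rest = tok[1], (tok[3], tok[4]), tok[5:]
        if verb == "add" and len(rest) == 2:
            # Only the '<protocol> <direction>' form shown on this page.
            filters[key] = {"protocol": rest[0], "direction": rest[1]}
        elif verb == "set" and key in filters:
            while rest:
                opt, n = rest[0], ARITY.get(rest[0], 0)
                if opt not in ARITY and opt not in FLAGS:
                    raise ValueError(f"unknown option {opt!r} in: {raw}")
                if len(rest) < 1 + n:
                    raise ValueError(f"missing value for {opt!r} in: {raw}")
                filters[key][FLAGS.get(opt, opt)] = " ".join(rest[1:1 + n]) or opt
                rest = rest[1 + n:]
        else:
            raise ValueError(f"cannot apply: {raw}")
    return filters


def broad_filters(filters):
    """Active allow filters open in both directions with no address limit."""
    return sorted(name for (name, _), pf in filters.items()
                  if pf["direction"] == "both"
                  and pf.get("action") != "deny" and pf.get("state") != "disabled"
                  and "srcaddr" not in pf and "dstaddr" not in pf)
```

Run over the sample, `broad_filters(load_portfilters(SAMPLE))` reports only pf3, the filter that was never narrowed after creation.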
Options The following table gives the range of values for each option that can be specified with
this command and a Default Value (if applicable).